14 — Security Awareness and Skills Training
9 safeguards in the Security Awareness and Skills Training control
14.1Establish and Maintain a Security Awareness Program
14.2Train Workforce Members to Recognize Social Engineering Attacks
14.3Train Workforce Members on Authentication Best Practices
14.4Train Workforce on Data Handling Best Practices
14.5Train Workforce Members on Causes of Unintentional Data Exposure
14.6Train Workforce Members on Recognizing and Reporting Security Incidents
14.7Train Workforce on How to Identify and Report if Their Enterprise Assets are Missing Security Updates
14.8Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks
14.9Conduct Role-Specific Security Awareness and Skills Training