
How to automate: Create your own cybersecurity awareness assistant in 2 steps in 5 minutes

May 16, 2023

Hugo

David

In today's How to Automate segment, we will explore how to easily establish a cybersecurity awareness assistant to help disseminate security information to your colleagues.

No matter how well-prepared you are to defend against attackers, your employees serve as your first line of defense. A single vulnerability in this line can provide attackers with a foothold in your networks and systems. Consider the scenario of attackers gaining access to an employee's credentials, allowing them legitimate entry to your organization's networks, systems, and sensitive data.

Even if you have implemented two-factor authentication (2FA) throughout the organization, we have observed that without proper awareness, 2FA is not an impenetrable barrier. As the primary means of defense, 2FA is effective, but not infallible, as evidenced by significant breaches last year. Once initial access is obtained, attackers may seek to escalate their privileges. In this aspect of your comprehensive defense strategy, the vigilance of your employees is crucial. Any requests for access in your #general channel should be approached with caution.

While certain security practices may seem like common sense, such as "do not click on URLs in emails from unknown senders," they are not always followed due to contextual influences on employees. They may believe they are providing assistance, feel stressed, and fail to consider the potential consequences of their actions. This is a natural human tendency, as we are susceptible to influence, and it will always be the case.

To reiterate, regardless of the strength of your security infrastructure or the quantity and configuration of your tools, a $10 million security stack will not protect you if your first line of defense is permeable. This is a fact.

Therefore, organizations, in addition to fortifying their cybersecurity infrastructure, also prioritize awareness initiatives. This is as essential as having an identity solution or an endpoint protection service. Although the task of disseminating information to the organization is laborious and repetitive (constantly reminding everyone that "mycityofbirth123!" is not a secure password can make you seem like a dull person in the organization), it is necessary because people need regular reminders. Repetition is essential. Do you know why you still remember your times tables? Repetition.

Today, we are going to learn how to take the toil out of spreading cybersecurity awareness while still keeping a regular schedule. We will orchestrate 2 tools, OpenAI and Slack (or Teams, Google Chat, or whichever other tool you wish to use), and show how you can set up a monthly reminder to be sent to the whole organization in under 5 minutes.

Creating a cybersecurity awareness assistant

A little bit more context and general chit-chat before diving into the How to.

The benefits of having a cybersecurity awareness assistant

As we saw above, spreading awareness and refreshing the basics is fundamental and will provide benefits such as:

  1. Compliance with regulations: Many industries are subject to specific regulations and standards that require organizations to maintain an ongoing cybersecurity awareness program. Regular training helps ensure compliance with these standards, avoiding potential penalties and legal issues.

  2. Enhanced risk mitigation: Regular training and reminders ensure that employees are aware of potential threats, making it less likely for them to fall victim to phishing, social engineering, and other cyberattacks.

  3. Stay up-to-date with the threat evolution: The cybersecurity landscape is constantly evolving, with new threats and vulnerabilities emerging regularly. A consistent awareness program enables employees to stay up-to-date with the latest developments, ensuring that they can adapt to the changing environment and maintain the organization's security posture.

  4. Strengthening the human firewall: Fostering a proactive security culture within the organization encourages employees to be more vigilant and take personal responsibility for their online actions. In empowering employees with the knowledge and skills to recognize and respond to cyber threats, a regular cybersecurity awareness program strengthens the organization's first line of defense – the human firewall.

  5. Protecting brand reputation: Finally, a robust cybersecurity awareness program will help prevent data breaches and other security incidents that could damage an organization's reputation and customer trust.

Before diving in

Before diving into the technical how-to, ensure you have your OpenAI API credentials ready and that your Slack API and App are allowed to post on #general.

Here is a peek at the final Flow.

First steps: Flow creation and Schedule

As always, start by creating the Flow and give it a name other than the SEO-positive title "Schedule: Monthly security awareness post"... Then, choose your emoji. Just like me, you can take the snail!

Once the Flow is created, hop into it and start by setting up your scheduled trigger. To do so, click the calendar icon next to the Flow's name to open the Scheduler.

  • Select "At regular Intervals"

  • Choose "Monthly"

  • Then set the desired day, hours, and minutes.

  • Chip chap, the scheduler is set.

Your cybersecurity awareness assistant through OpenAI: Creating the OpenAI call

Let's head to the steps-building part. It is going to be pretty quick. First, create a new step and select the OpenAI service. Once inside the available OpenAI actions, look for and get "createCompletion" to create your OpenAI call.


To configure it, follow these steps:

  1. In the "Settings" tab, start by querying your OpenAI credentials saved in the Vault.

  2. In the "Model" field, type text-davinci-003.

  3. In "Prompt", hard-type your desired prompt. It is up to you to decide what has to be included. For starters, it could specify:

     • The context: "As the Security officer, you want to write a friendly reminder about security best practices that employees should always follow."

     • Basic security sanity checks (what to look for when reading an email: source email address, hover over URLs before clicking on them, beware of urgency, etc.)

     • A reminder that employees are the organization's first line of defense.

     • A reminder of the password-related requirements enforced in your organization.

     • A reminder of the first steps to take in an incident and that people will never be blamed for reporting one. Don't try to hide something; it will be worse.

     • Any other instruction you think should be mentioned.

  4. In "Max tokens", type 2048.


Posting the prompt to Slack

Once your OpenAI step is fully configured, dry-run it once to get the answer from OpenAI and the logs. After having done so, click the little square box next to the gear icon under the OpenAI step to create a new step. In the pop-over, select Slack and then get the chat_postMessage action. Once the action is created, configure it as follows:

  1. "Channel": Type YOUR_CHANNEL_ID.

  2. "Text": Type "/" to open up the Data Picker tool. Select the OpenAI call under STEPS. Then, inside the BODY of the answer, select choice/0, and pick the text field. You may want to add additional content to this message, such as content you wouldn't want to send to OpenAI: the Security team members' email addresses and/or names that shall be contacted, for instance.


Once done, your Flow is set! Trigger it manually to check if everything checks out, and go have a look at your monthly cybersecurity awareness post on #general!
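The same two steps expressed as plain Python, as an added example that is not part of the original post or of the product's own code: it builds the completion request with the settings above and checks the model's answer before it becomes a `chat.postMessage` payload. The link and mention checks, the sample response and the footer contact are assumptions made for the illustration.

```python
import re

# Matches http(s) links and bare www. hosts the model may have invented.
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.IGNORECASE)
# Slack mention syntax: <!channel>, <!here>, <@U123>, <#C123>.
MENTION_RE = re.compile(r"<[!@#][^>]*>")

def build_completion_request(prompt: str) -> dict:
    """Body for the completion call, using the values from the steps above."""
    # Model name as given on the page; substitute one your account offers.
    return {"model": "text-davinci-003", "prompt": prompt, "max_tokens": 2048}

def compose_slack_message(completion: dict, channel: str, footer: str) -> dict:
    """Validate the model output, then build the chat.postMessage payload.

    Raises ValueError instead of returning a payload when the text is unusable.
    """
    choices = completion.get("choices") or []
    if not choices:
        raise ValueError("completion has no choices")
    choice = choices[0]
    text = (choice.get("text") or "").strip()
    if not text:
        raise ValueError("empty completion text")
    if choice.get("finish_reason") == "length":
        raise ValueError("completion was truncated at max_tokens")
    if URL_RE.search(text):
        raise ValueError("model output contains a link; review before posting")
    # Remove mentions so generated text cannot ping @channel or a user.
    text = MENTION_RE.sub("", text)
    # The footer (contacts) is appended locally and never sent to OpenAI.
    return {"channel": channel, "text": f"{text}\n\n{footer}"}

# Constructed sample response in the shape of a completion body.
SAMPLE_COMPLETION = {
    "choices": [{
        "index": 0,
        "finish_reason": "stop",
        "text": "\n\nHi <!channel>, a friendly reminder: check the sender "
                "address, hover over links before clicking, and report "
                "anything suspicious. You will never be blamed for reporting.",
    }]
}
FOOTER = "Report incidents to security@example.com"  # placeholder contact

if __name__ == "__main__":
    print(compose_slack_message(SAMPLE_COMPLETION, "YOUR_CHANNEL_ID", FOOTER))
```

A raised `ValueError` is the signal to skip that month's automatic post and have a person review the text instead.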

One less thing to think about. On to other cybersecurity awareness tasks to automate!
