How and why to help your staff development around cyber awareness?

Lets start with why:

I was reading a post in a recent IT group chat. The poster wanted to know how to handle phishing issues they had recently in their company. Over 40 IT providers replied with technology solutions. Only 1 mentioned providing staff training. We need to arrive at the understanding and mindset that cyber security needs both technical and human solutions. Not one, not the other but both are needed to secure your organisation against cybercrime.

There are many theories and offerings around technology solutions. This part of the equation is becoming understood by business owners – but there is still some way to go. The understanding and acknowledging of how important the human factor plays in Cybercrime protection is an area business owners are only just starting to come to terms with. In fact, this is so entwined with the technology solution, humans can be the difference to successfully defending against Cybercrime in this crazy new world.

So, lets focus on how:

Humans are your strongest line of defence, but one-off security awareness training alone won’t transform user behaviour. Your staff are all at different stages in their cyber understanding. To be successful you need to identify each user’s security knowledge gaps and automate training programs to close these gaps. This is the way for building a security-savvy workforce. There are training platforms designed for delivering cyber security awareness as an ongoing service to your staff. The training is customised to the staff members needs so some staff may have advanced training while others may start at introduction training and grow.

Humans can be the strongest line of defence against evolving cyber threats. They just need the right tools to help them protect their organisation. Businesses, need to be empowered to measure, mitigate, and monitor their human cyber risk, without having to sacrifice productivity.

This is done through four key modules:

  • Phishing Simulation – A controlled email is sent to your team with known threats, automatically deployed to assess user vulnerability to a range of attack techniques. If a staff member makes a mistake, training on why and what to do next time occurs. Allows you to build your teams confidence without the nasty impact of a mistake of clicking on the wrong thing.
  • Security Awareness Training – Using a short gap analysis questionnaire, identifies each users’ weakest areas of security, gathering results into a customised training schedule to be developed, in line with their gap analysis (all staff are individuals and need to be treated this way). Schedule individual and automated training programmes with micro sessions, to fit in with your staffs workload.
  • Dark Web Monitoring – to the heart of where cybercrime begins. Continuous monitoring detects when sensitive company data (eg usernames or passwords) have appeared in a data breach, which could be used for targeting attacks.
  • Policy Management – Company Policy Management as a service, complete with a range of Policy Document templates. Store and amend documents in one centralised location, making it easy to find, send and revise different policies. Plus, create policies from scratch using an in-software editor tool with version control.

As we continue to evolve and adapt to this post covid world, developing your staff’s cyber awareness, while not impacting productivity, is critical. We can help you come up with a cyber awareness training plan to suit your business. Find out more.