The Cyber Stars Initiative

Cyber StarsNow Delivered in over 25 Countries, the Cyber Stars Initiative is an Effective and Sustainable Solution to Cyber Security Awareness for Businesses

What is Cyber Stars?

Cyber threats will cost the Global economy an estimated $5 Trillion in the next 5 years.  It is estimated that over 90% of the attacks in the last 5 years have been facilitated by human error or a lack of cyber awareness. The Cyber Stars Initiative was developed to help reduce the cyber threat to business that is enabled through a lack of employee awareness and confidence. The Cyber Stars Initiative is the only cyber security awareness programme with an official UK Government regulated qualification attached.

The Cyber Stars Initiative is far more than just a training course, or even a qualification. Cyber Stars provides a sustainable solution to cyber security awareness in an ever evolving landscape.

The Cyber Stars Initiative is built upon three crucial pillars, without these, a cyber security awareness programme can not be effective.

  1. Profile Human Risk and Behaviours – We use state of art phishing and digital footprint software to measure and quantify human risk within your organisation. This enables us to identify the individuals, departments and locations within your business that are most vulnerable.
  2. Training to Enable Positive Behaviour Change – A programme developed by a combination of technical experts, risk managers and behavioural psychologists ensures maximum personal engagement and measureable behavioural change. The full Cyber Stars programme allows for the development of a network of qualified “champions” across your business, whilst Cyber Stars Lite ensures a clear metric for knowledge and understanding across the rest of the organisation.
  3. Sustain Awareness Levels – Cyber threats evolve on a daily basis and it is critical that employees are provided with an opportunity to remain current with threats. The Cyber Stars Portal provides an efficient and effective opportunity for non IT specialists to remain aware of cyber threat and spread awareness throughout their organisation.

Why do we Need Cyber Stars?

Cyber Security has been identified by both the UK Government and European Union as the single greatest threat to many businesses. The average cost of an effective cyber attack is now in excess of $1 million to a large business, to include Billions paid out in fraudulent invoices. The average cost of a successful spear phishing incident could cost a small business over $15,000.

The fact that both the volume of cyber crime and the financial impact of that crime has risen significantly each year since 2008, acts as clear proof that existing awareness schemes are not working. Traditionally, cyber security focus has been on IT professionals, executives and technology. Most organisations now have competent and qualified cyber security staff in place and we are increasingly aware of the critical infrastructure requirements. Therefore, the question remains, why do we continue to struggle to cope with cyber crime? The response is complex, yet there are some clear considerations:

  • Research indicates that as few as 10% of cyber attacks are actually a result of infrastructure inadequacies. The primary cause of cyber security breaches within a business environment is human error, most frequently caused by a lack of general cyber security awareness and the confidence to respond.
  • Cyber crime adapts at a far greater rate than existing training and awareness programmes. As infrastructure becomes more robust criminal actors seek to exploit the most vulnerable point within any network; the human.
  • We have developed a culture in which responsibility for cyber security awareness and education has been limited to specific individuals within IT and network security positions. As a result, the cyber skills gap has increased. Most companies have a significant lack of understanding and acceptance of responsibility throughout the wider workforce, leaving clear vulnerable points within the business.
  • Increasing levels of remote and mobile working reduce the ability for companies to manage the cyber threat as effectively, yet little or nothing is being done to increase awareness to the average system user.
  • For those companies with cyber security awareness programmes in place, few if any have a robust metric for testing understanding and competence.
  • Individuals receive no recognition for increasing their cyber awareness skill set, therefore personal buy in to cyber security at work is often minimal. The Cyber Stars scheme was specifically designed with a focus on educational psychology, ensuring personal engagement and acceptance of responsibility.
  • There is a huge misconception that cyber security and information security is the same thing. GDPR process charts and compliance will not protect a business from cyber crime. Operational disruption and reputational damage are increasingly more damaging to businesses that data loss/theft.

How Do Cyber Stars Work?

Traditional training programmes often lead to a skill fade from the second an individual completes that course. In an environment where cyber threats evolve at such a rate this often means that training is quickly outdated.  The Cyber Stars Initiative provides an opportunity for exactly the opposite. On achievement of their qualification each Cyber Star will continue their awareness education. Each individual will be provided access to a Cyber Stars Portal. This portal contains a daily threat feed which can be filtered by sector, so that Cyber Stars can remain aware of threats specific to their industry. It also contains a range of educational materials and policy documents, allowing cyber stars to spread cyber security awareness throughout their organisation and remain aware of evolving threats.

The responsibilities of a Cyber Star go beyond an increased personal understanding of cyber security. A Cyber Star is responsible for ensuring that good cyber security is adhered to within their workplace, educating colleagues and peers to specific threats. By qualifying a team of Cyber Stars, you are best placed to ensure organisation wide cyber security awareness and better still, a workforce that takes personal responsibility for cyber security, improving incident response, communication and business continuity.

All Cyber Stars will undertake the new ProQual Level 2 Award in Cyber Security Awareness for Business and as such will prove that they have the sufficient level of knowledge and competence to effectively implement an organisational level cyber security strategy.

Change cyber security culture within your organisation before  it’s too late.

Recent Testimonials

This session was one of the best I have attended through Barclays with relevance that transferred across both professional and personal life.  A great event and one I would certainly recommend.


Senior Product Manager, Barclays

“From the Cyber Stars delivery session and access to the online portal we have gained a further insight into how to protect our business from cyber-crime including malware, phishing, social engineering, invoice fraud and a greater understanding of our responsibilities relating to the reporting of cyber-attacks. “We identified how organisations are only as strong as their weakest link and how cyber security policy and training should include staff at all levels. The days of saying ‘it’s not my responsibility’ are now long gone as we are all potential targets.”

Kim Steward, Operations Director, THS Inspections

I just wanted to say thanks again for the programme, as a cyber security practitioner, I often don’t think about the bigger picture and this course really opened my eyes.


Senior Manager , HSBC

For more information about Cyber Stars please contact us at


  • Another course. What’s different from other courses?

This is a unique one day workshop and is specifically developed to be relevant to individual behaviour change, rather than why the company wants them to change. It is the only course with a nationally regulated metric of assessment.

  • How would I benefit?

The Cyber Stars Workshop is relevant personal development not only for work, but it provides practical guidance to help you and your family at home.

  • How does it help my career?

The Cyber Stars Workshop is an opportunity to develop skills relevant to your work and your future career and acts as a formal and recognised qualification in cyber security awareness.

  • This qualification – can I take it with me? Is it recognised?

Yes – Cyber Stars is the only OFQUAL regulated recognised cyber threat awareness qualification in the UK and it will be on your CV.

I’m not a technical person? I might not understand? How expert do I have to be?

The Cyber Stars Workshop is designed for full access regardless of technical ability. The course was specifically designed to develop an acceptance of responsibility within non-technical staff and encourage a shared responsibility. Equally, we have a range of technical experts on the programme that have found it beneficial in terms of understanding behaviour and threat.

  • I don’t have an IT/cyber background – will I cope?

The one day Cyber Stars Workshop is interactive, engaging and modular using practical real life examples from both work and personal environments, highlighting that very simple actions can significantly reduce risk.

  • I do have an IT background/qualifications – is this too simple for me?

Cyber Stars focuses on the behavioural aspect of cyber crime, exploring criminal methodologies and non technical exploitation. We have found hundreds of highly qualified IT practitioners have benefited from training that contextualises cyber risk and the non-technical aspects of risk.

  • Why me?

Given that 93% of data breaches are the result of human error at some stage and cyber-crime is estimated to cost each family almost £1000 per year by 2020, now is an excellent time to engage with threat and reduce personal risk.

  • Why would I be at risk?

Cyber threat is agnostic – anyone using a PC, tablet or mobile device at work, on the move or at home is potentially at risk. Non-financial data, to include personal or seemingly unsensitive corporate data can all be pieced together by cyber threat groups.

  • We don’t hold a lot of sensitive data, we don’t need cyber security training

Cyber threat is dynamic and ever evolving. Data theft is just one component of cyber threat, it is often system loss and operational disruption and associated reputational damage that is far more costly to a company.