Many businesses are coming to the realisation that their employees are their biggest vulnerability when it comes to cyber security and, with Cyber Awareness Month now underway, are investing in raising awareness.
This is, of course, a big positive. However, we regularly find the majority go about this the wrong way by focusing on ineffective short-term solutions and ultimately, under-calculating the real lack of awareness in their business. For a cyber-security awareness programme to be effective, it must focus on three crucial pillars; without these, it will not work.
The first pillar an awareness programme should focus on is human risk and behaviours. It is reported that the process of social engineering and phishing is responsible for 85% of successful human error breaches, which is why carrying out spear phishing tests is extremely important. Unfortunately, when we see these tests they are often very basic, sent out in mass and analysed on click rate alone – spear phishing tests are individually targeted at vulnerable personnel and are socially engineered using their digital footprints. Intqual-pro use state of the art software to measure and quantify human risk within your organisation, identifying individuals, departments and locations that are most vulnerable.
The second pillar that should be focused on is training that enables positive behaviour change. Individuals rarely receive recognition for increasing their skill set after a cyber awareness course and therefore their implementation of cyber security at work is often minimal.
The final crucial pillar of an effective cyber awareness programme is to sustain awareness levels. Traditional training programmes are often outdated and few, if any, have a robust metric for testing understanding and competence, leading to skill-fade the second an individual completes the course.
Now delivered in over 25 countries, the Cyber Stars Initiative is an effective and sustainable solution to cyber security awareness for businesses. The Initiative seeks to increase the knowledge and skills required to effectively mitigate cyber-crime in a business environment. The Cyber Stars Initiative is the only cyber security awareness programme with an official UK Government regulated qualification attached.
The responsibilities of a Cyber Star go beyond an increased understanding as they are responsible for educating colleagues of specific threats and ensuring that good cyber security is adhered to within their workplace.
On achievement of their qualification, each Cyber Star will be provided access to a Cyber Stars Portal to allow them to continue their awareness education. This portal can be filtered by sector to remain aware of specific industry threats and contains a range of educational materials and policy documents.
Cyber crime has been identified as the single greatest threat to businesses, with a successful attack costing a small business over $15,000 and a large business in excess of $1 million. Cyber crime continues to grow each year and the methods of criminals are constantly evolving. This alone is proof that current awareness schemes are ineffective.
Change your organisation’s cyber security culture before it’s too late!
Intqual-pro continues to expand and have become an industry leader in the design, development and delivery of intelligence, cyber and security associated qualifications. Based in Bedfordshire, you can contact Intqual-pro on 01234 381158 or email Enquiries@Intqual-pro.com. Alternatively, you can visit their website www.intqual-pro.com.