Blog

In part 2 of this 3 part series, Dr Alfred Rolington, explains how cyber training should be aimed at helping both employees and management deal with their cyber security requirements - and how this needs to be in 'real-time'.

These issues need to be understood and used by senior management for strategic and tactical planning by all aspects of your organisation. And one of the major issues that has become apparent, and is not focused upon enough, is the need for real-time cyber training.

Cyber security awareness training needs to take place within all organisations in order to significantly reduce the chances and risks of criminal success that are using cyberattacks and hacking methods to steal your data, money, company secrets and login information.

We are at the beginning of an electronic revolution, that like earlier industrial revolutions, is already altering and substantially changing and redefining our society.

"The development has been called a Cyber Innovation or Web 0.3, but is probably best described as the 4th Industrial Revolution and will be a new age transformation for the world"

This change is happening far faster than previous industrial revolutions. It began as a form of Information Technology but it is now developing and employing a range of emerging electronic technologies.

These technologies include 3D commercial production, data driven vehicles, robotic, bio-technology, AI and there is a blurring of physical, digital and biological elements to create a new techno-reality. And of course this is also changing and bringing new types of criminal activity.

You share in this new revolution as you are part of over half of the world’s population that now browses the Web, be it for work, shopping, social media, news, entertainment, or as part of the cyber-criminals on the Dark Web.

Each aspect of the organisation knows part of the solution but none knows the whole solution and the result is disjointed and dysfunctional education and training.

"Cyberspace can be visualised as an electronic nervous system running through many national and international sectors and systems."

Digital technology has already significantly rocked some industries like the publishing industry.

Publishing has been completely changed by digital technology and has allowed readers a far faster electronic engagement with issues, news and analysis.

However, as in all revolutions Cyber has a criminal down side and this also needs all of our engaging attention.

Cyber security awareness training needs to be more than a mere annual necessity. It needs to be an interactive and engaging experience that will solidify the employees role in the security posture of the organisation.

Why not discover what this approach could look like by reaching out to us at hello@go-cyber.com Visit our website www.go-cyber.com , follow us on twitter @GoCyber_app or join in our Linkedin community @GoCyber_app

In part 1 of a 3 part series, our highly regarded cyber security expert, Dr Alfred Rolington, explains why people should be at the heart of your cyber security investment strategy.

What has become very apparent in the last few years is that all employees, from senior management to part- timers, are the largest cyber security vulnerability that any organisation faces.

Businesses investing heavily in cyber security often base their investments on technology, but don’t sufficiently attend to the human side of the problem - which is a very important issue and requires cyber security training and engagement for all employees.

The reasons why employees are so important for the operations security is because often cyber criminals will perform attacks on an organisation using phishing emails and similar tactics, making employees the first line of defence that needs to be strengthened.

Of course, computers and apps aren’t clicking on phishing emails, humans are, so that’s where cyber security investments need to be focused.

Employees are also the ones with everyday access to many of the organisation’s computers, networks and systems, which means they play an important part in building resilience in the threat landscape.

This means that organisations need to spend more time and thought creating a more sophisticated cyber security culture and behaviour change within their organisation - training is a very important part of this process.

“A recent report by Cyber Security Intelligence showed that over 60% of most organisations employees have not received effective cyber security training"

Despite the fact that some organisations have a partial focus on developing cyber security awareness, few individuals actually understand their role in the organisation’s security culture.

A recent report by Cyber Security Intelligence showed that over 60% of most organisations employees have not received effective cyber security training, so it’s no surprise for instance that 96% of them still save passwords on their devices so they can ‘remember them’.

But when standard security training often means a bland instructional video or a boring PowerPoint presentation, we can’t really blame employees for a lack of awareness.

Effective cyber security training is difficult to do well. Security awareness training for end users is often too broad and sporadic to cultivate real needed skills for safe operation on networks.

Often the responsibility for cyber security dwells in IT, or information security, whereas responsibility for training resides in human resources.

Typically, IT specialists lack responsibility for and proficiency in training. HR professionals are uniquely positioned to understand the role of trained employees in cyber risk mitigation and to mediate solutions for an organisation’s cyber security challenges.

However, they often do not have expertise in cyber security and they may lack technical expertise in cyber defence.

Each aspect of the organisation knows part of the solution but none knows the whole solution and the result is disjointed and dysfunctional education and training.

"Cyber security awareness training needs to be more than a mere annual necessity"

Cyber security awareness training needs to be more than a mere annual necessity. It needs to be an interactive and engaging experience that will solidify their role in the security posture of the organisation.

Why not discover what this approach could look like by reaching out to us at hello@go-cyber.com Visit our website www.go-cyber.com , follow us on twitter @GoCyber_app or join in our Linkedin community @GoCyber_app

A few years ago I was involved in a PR campaign to promote GDPR online training. In doing so I was catapulted into the world of data protection and cyber security - met some fascinating global experts and was instantly intrigued by the work they were doing (advising governments, sending satellites into space…) and their clear unilateral passion for quite simply encouraging people to stay safe online.

My online habits were bad. Don’t ask me about my passwords. I had yet to be inspired, despite endless annual ‘tick box’ training courses. But it also dawned on me, I probably wasn’t alone.

Concurrently, my comms efforts saw me consult with a very cool tech firm in the states – Lumen Consulting Group - who was delivering employee engagement with some very large corps, using a new learning approach. They had created an app where employees ‘learnt by doing’. Scores of staff were positively engaged with the programme because it was fun, relevant and overwhelmingly inspiring. Time and time again new strategies were cascaded through work forces with this new interactive way of communicating messages. Employees won t-shirts for earning points. Peers shared ideas in the social space. Employees were genuinely engaged.

“Light bulb moment. What if we brought this new approach to learning into the cyber security awareness space?"

Light bulb moment. What if we brought this new approach of learning into the cyber security space? What if we created a new cyber security awareness training experience that wasn’t simply about ‘telling people what to do’ but immersing them into an interactive, engaging, gamified scenario where the focus was all about making them behave more safely online. What if, with new safe online habits installed, they then brought those behaviours into the workplace?

As one expert advised – if you can improve 80% of your staffs online habits because you have created an experience that engages with them and works – just think what impact that would have across the entire organisation?

“Think of habit forming apps like Headspace, Duolingo but for online safety"

Fast forward 18 months and GoCyber is here. An interactive app experience that is all about driving new online safety habits, and changing people’s online behaviour for the better. Think of habit forming apps such Headspace, Duolingo, but for online safety and you’ll get the idea. We’re excited. We hope you are too.

Why not discover more by reaching out to us at hello@go-cyber.com Visit our website www.go-cyber.com , follow us on twitter @GoCyber_app or join in our Linkedin community @GoCyber_app