A few years ago I was involved in a PR campaign to promote GDPR online training. In doing so I was catapulted into the world of data protection and cyber security - met some fascinating global experts and was instantly intrigued by the work they were doing (advising governments, sending satellites into space…) and their clear unilateral passion for quite simply encouraging people to stay safe online.
My online habits were bad. Don’t ask me about my passwords. I had yet to be inspired, despite endless annual ‘tick box’ training courses. But it also dawned on me, I probably wasn’t alone.
Concurrently, my comms efforts saw me consult with a very cool tech firm in the states – Lumen Consulting Group - who was delivering employee engagement with some very large corps, using a new learning approach. They had created an app where employees ‘learnt by doing’. Scores of staff were positively engaged with the programme because it was fun, relevant and overwhelmingly inspiring. Time and time again new strategies were cascaded through work forces with this new interactive way of communicating messages. Employees won t-shirts for earning points. Peers shared ideas in the social space. Employees were genuinely engaged.
“Light bulb moment. What if we brought this new approach to learning into the cyber security awareness space?"
Light bulb moment. What if we brought this new approach of learning into the cyber security space? What if we created a new cyber security awareness training experience that wasn’t simply about ‘telling people what to do’ but immersing them into an interactive, engaging, gamified scenario where the focus was all about making them behave more safely online. What if, with new safe online habits installed, they then brought those behaviours into the workplace?
As one expert advised – if you can improve 80% of your staffs online habits because you have created an experience that engages with them and works – just think what impact that would have across the entire organisation?
“Think of habit forming apps like Headspace, Duolingo but for online safety"
Fast forward 18 months and GoCyber is here. An interactive app experience that is all about driving new online safety habits, and changing people’s online behaviour for the better. Think of habit forming apps such Headspace, Duolingo, but for online safety and you’ll get the idea. We’re excited. We hope you are too.
“It doesn’t matter if you’re a high profile CEO or a 12 year-old girl just browsing the Internet. You can all be victims of cybercrime,” says River Oakfield founder and CEO Cal Leeming:
If a cyber security breach doesn’t directly affect your company it’s not your problem, right? Absolutely WRONG! Massive data breaches are a common occurrence and are growing exponentially. The trend seems to be that large corporate companies are aware of cyber security breaches from other firms, but tend to think it’s that company’s problem - not theirs. That way of thinking is quickly given some sobering reality; all are susceptible to the dangers of online cyber criminals. And reputational damage affects the bottom line directly and indirectly.
There are myriad reasons why security breaches are so prevalent. Topping this list is many large organisations, or just some of their employees, using third-party applications (ie. Dropbox, LinkedIn, and often using company credit cards to pay online). The list of companies that have employee indiscretions exposing security holes and now-public breach points is truly staggering. On top of that there’s the infamous and dreaded Mirai bot; there’s widgets being made with a default password and then given an IP address that are being picked up by network servers; there’s companies that have no business in cyber security selling useless blinking boxes under the guise of creating a false sense of security. The list goes on and on.
“Third parties get breached, and your information leaks. Breaches mean you lose money.”
Yet another situation companies have to face is the laissez-faire attitude of their employees. “Why should I care?” they might ask. Because, simply put, breaches mean your company loses money and credibility. There’s loss of consumer confidence, share price impact and the major expense of remediation downtime, to name but a few. With a small percentage of turnover actually generating into real profit, these factors can quite literally put a company out of business. On top of that, there are new regulatory watchdogs coming in that will present a company with a huge fine for a security breach within, one that might very well come in from a third-party application.
“We live in a society where we know the cost of everything and the value of nothing.”
But, it’s not just organizations and large companies that need to be wary, nay, frightened, of the cyber security pandemic. Perhaps worse yet, this type of digital crime is becoming so prevalent that people are becoming desensitized to it.
So who knows the truth of what’s going on out there? How well do companies know the inner workings of their cyber security protocols and the people in charge of monitoring them? It’s coming to the point where there are two types of companies in the world - those that have been hacked and those that think they haven’t been hacked. What is the true value of personal and corporate data? This is a vital soul-searching question that needs to be answered honestly and informatively. Do the research and seek out the advice. And budget accordingly.