- Phone: 0121 389 9022
- Email: sales@rs22.co.uk
CYBER SECURITY AWARENESS TRAINING
Your people are your first line of defense. RS22 equip your staff with the knowledge and skills to prevent and protect your business.
What is Cyber Security Awareness Training?
The obvious answer is that it’s a training programme designed to improve the Cyber Security Awareness of your working colleagues. It does what it says on the tin.
However, security awareness is not simply a responsibility limited to your IT department. Or even only to those who work for first hand with sensitive materials in their daily careers, such as accounts teams or legal departments. It is in fact an all-encompassing requirement for every member of staff, from the CEO to the newest starters. Any person within your company can be responsible for a temporary lapse in attention or a miscalculated click which may provide a cybercriminal with ample leverage to cause major disruption in your business, so every person needs to be aware of the best practices in IT Security to keep the whole organisation secure.
Why should you invest in Staff Awareness Training?
The facts certainly back this up. Ransomware is presently responsible for the largest Cyber Security heists in history, taking billions from some of the largest companies, and Phishing Attacks are by far and away from the most common. All it takes is one moment of weakness in your chain of defence to allow an attacker to gain access to sensitive materials. And the numerous end-users of your organization can undo enormous amounts of skilful preparation and defence strategy by simple, easy to avoid mistakes.
It is a serious challenge to educate and maintain all your staff’s awareness of the many threats that are emerging in the industry. And it’s a little like painting the Forth Bridge. By the time you get to the end, it feels like it’s time to begin all over again, simply because the threats have evolved so quickly.
Only by giving your staff regular Security Awareness Training can you hope to provide them with the ability to ‘take arms against a sea of troubles, and by opposing end them’.
The Types of security awareness training we offer
Trial-by-fire without the risk of getting burned. This is the best way to see in a snap just how likely or unlikely your colleagues are to click on suspicious links. This can also be customised to make it harder or easier to see. And the best bit is that if some of your team DO click on the link, you will not be opening yourself up to a costly or damaging cyber attack. They will instead be taken to a video which tells them what they’ve done wrong and tips on how to avoid making the same mistake in future.
This is when people attempt to use Voice or Telephone (known as Vishing) or Text Messages, (SMShing, smishing or simply SMS Phishing) to gain information that can be used as a platform that will lead to further attacks. This will be done to gauge how well your various departments cope and ensure that departments that have little requirement to focus on Security practices perform and give advice on what to do to minimise threats.
We can give advice on passwords that might be too vulnerable, weak or generally too easy to guess. This is an often overlooked part of the cyber security remit, and one that many other departments can become lax on over time as they suffer from the status-quo mindset. Just because it hasn’t happened before, doesn’t mean it can’t happen in the future, and using the same password for long periods is asking for trouble.
This educates on what Ransomware is, how it works, and how to spot tell-tale signals that all is not as it seems, in a fun and engaging way.
It is a sad truth that Insider Threats can be tremendously damaging to a business. Sadly, no amount of preparation can prevent a determined insider from wreaking havoc. On the bright side, by educating your team to keep an eye open for the warning signs and what to do when an Insider Threat is suspected, you minimise the damages done.
What does an awareness training schedule look like?
RS22 will help you choose the right way to provide Security Awareness Training for your team from our hand-picked vendor partners and Testing Services.
The customisable package that will suit you best depends on the size of your business, the methods through which you’d prefer to deploy the Security Awareness Training and at the times you want them to take place.
In consideration of recent global events it has certainly become far more imperative to train staff in best practices on Security Awareness; in part because the number of attacks have increased overall, and also because so many businesses have adopted a more flexible approach to working from home, and therefore expanding the perimeter to be made secure.
Therefore, we can help you by providing a programme to help educate your staff which will keep them interested through-out with practical take-away tips and areas of significance to look out for and also give them the flexibility to undertake the training at a time and in a way to suit them.
How can you tell if security awareness training is working?
However you choose to go about measuring the ROI of your Security Awareness Training is up to you but without sufficient clarity It can be a challenge to convince the Board to continue investment in Security Awareness Services. Therefore consider some of these Options:
Incident Reports by Frequency
Check to see if reports of incidents have increased since training began. The more incidents that are reported will indicate that your staff have begun to ‘see through the matrix’ and have started to develop greater clarity on suspicious activity.
Number of Phishing Emails reported by Percentage
By using the number of Phishing emails reported against the number of phishing emails unreported you can understand the percentage of Phishing emails that are being detected by your team. As this number increases you can be sure that your colleagues have taken on the practical advice and are beginning to understand the correct procedures to follow when suspicious emails arrive.
Cost of Incident Remediation
If you’ve been unfortunate enough to have had a data breach, malware infection or another kind of cyber incident in the past, use the remediation cost as a baseline prior to beginning your training. Use these figures to determine whether the training has provided overall reductions to specific incident remediation costs
Related Services
Reliable. Secure.
RS22
Unit 5, Three Spires House, Station Road, Lichfield, Staffordshire. WS13 6HX