08/12/17 | Red Team
Last month’s Cyber Smart Week, New Zealand’s cyber security awareness week, highlighted what your company should be doing to boost its defence against cyber threats.
While technology plays a big part in helping to defend businesses against cyber-attacks, the easiest target for cyber-criminals is often people. As we mentioned in one of our previous blogs, over 90% of cyber-attacks begin with “phishing” emails, in which an employee unknowingly clicks on an unsafe link.A recent Kordia survey of 225 IT decision makers found that more than a third of New Zealand businesses don’t have any form of employee cyber security awareness or training programmes in place. This is somewhat surprising considering almost half also stated their business had been targeted by phishing, malware or ransomware attacks in the past 12 months.
With ransomware and phishing on the rise – and with mandatory breach reporting coming into play in Australia – it’s more important than ever to ensure staff not only know how to spot common attack techniques, but also what to do if they think they’ve been breached.
Aura Information Security, a division of Kordia, has been running staff cyber security training sessions for many years. Usually this involves training smaller groups of people in a workshop-based format.
These work well but we saw an opportunity to develop an e-learning platform that allowed customers to train larger groups of people, regardless of their geographic location; and also enabled staff to do the training at a time that suited them. That’s why we created CyberWise.
CyberWise is aimed at helping everyone in a business become more cyber-aware – from the guys working in the field, through to front-of-house staff and the finance team.
How does CyberWise work?
CyberWise is an online subscription-based training module that’s hosted on our Learning Management System (LMS); or it can also be hosted on your own LMS if you have one.
It’s simple to use and only takes around 20-25 minutes to complete.
Users go through a range of examples – which are based on real-life threats discovered by the team at Aura – and are then tested based on what they’ve learnt in the course.
Throughout the module there is a wealth of useful advice, not just in a business context but also a personal context, so people can apply learnings both at home and at work.
Once an employee completes the training, they get given a final score on how cyber aware they are.
Generally we recommend people complete the training at least once a year, that way the learnings stay fresh in their mind and relevant as CyberWise is refreshed on a regular basis with the latest threats and best practice.
Know how secure your company is
With full visibility in the back-end, you can see who has and hasn’t completed the training and that enables you to identify any gaps in your security armour before cyber-criminals do.