Educating employees to be Cyber Risk Aware is the key to having an effective cyber resilience strategy.
Cybercriminals are targeting people not systems and therefore so should Information Security Officers.
$71.1B has been spent on technical security defences yet the number of incidents continues to increase. Now is the time to implement a “data-driven” security awareness and compliance training program and move away from a "scheduled spray and pray" approach
Human error is the root cause in over 90% of all security breaches. However, people can be disturbingly carefree, blissfully unaware of the risks they take, resistant to change and think cyber security is only the responsibility of those in IT. Unfortunately, employee mistakes lead to security incidents all the time - and cost people their jobs. To create an effective security aware culture, employees need to know what to do and be helped in their exact moment of need, i.e. when they take a risk and they don’t even realise.
Wouldn’t it be fantastic if you could automatically help a staff member if (when) they were to click on a link in a phishing email, open a malicious attachment, plug in an insecure USB device, download free software from the internet, save data in the wrong location or even worse send it to the wrong person? Well, now you can! You are no longer limited to providing staff with useless “Block Page Messages”, whereas now you have the ability to send meaningful messages that staff can actually learn from, across multiple modes of communication such as Email, Skype, SMS, SLACK for example.
You can explain to your staff the risk that they just took, what the impact could be to them personally and to their employer. Why is this important? So, they don’t try to circumvent the control and importantly you are minimising the risk of them repeating the same action again in the future. Alternatively, you could send the staff member the relevant snippet from a company policy document tied to the specific user activity that just took place.
Cyber Risk Aware’s unique, game changing “Real-Time” Training capability, closes the circle on effective cyber risk management and meeting compliance obligations by integrating technical defenses with security awareness, policy and compliance training.
Whilst employees carry out their day to day tasks and you’re monitoring the network, we’re able to capture user activity alarms and transform them into data insights for managing employee cyber and compliance risk.
Whether it be reminding staff of their responsibilities or providing training at their exact moment of need on how to protect themselves, the network, adhere to company policy or regulatory requirements such as AML, KYC, for example, the possibilities are endless.
Security Officers can now maximise the return on their security investments, expend budget and effort where it is really needed, safe in the knowledge of having human error under control.
Lack of Staff Cyber Security Awareness and Human Error - Resolved.
"Our IT Security Team have seen a significant reduction in requests from employees checking if an email is something legitimate or spam/fraud as they are now more aware."
"The deployment was very quick and our IT department were extremely impressed with the fact it was non-intrusive and simple to deploy. The ability to generate personalised phishing emails was simple and very effective. I can highly recommend the service."