Contact Sales
Digital Learning and Compliance

Cyber Security - we all have a role to play

Nick Wilding, General Manager of Cyber Resilience at our content provider RESILIA shares some key learnings from his experience in offering GCHQ-certified online cyber awareness training that can help organizations combat the ever-growing cyber threat.

Posted 19/07/2019

This is what the FCA reported in March this year in a new cybersecurity industry insights paper. The paper was published to help organizations across the financial services industry build their understanding and interest in innovative cyber practices.

The reality is that organizational resilience and security against growing cyber-attacks really is a team sport. The great majority of successful cyber-attacks succeed because of the mistakes we make – clicking on a suspicious link or attachment, sharing personal information on social media that can be used against you, continuing to rely on poor passwords, accessing sensitive information via insecure public wi-fi…the list goes on.

Annual information security awareness training does little or nothing to build the right culture and environment for behavior change. For many in financial services organizations, it’s ‘tick-box tedium’. Like any technical security control in our organization, any awareness training must be effective.

In their paper the FCA go on to say:

It’s all about making sure we are providing our people with the appropriate digital skills that will instill and sustain the right behaviors across our workforce …whether you’re in the boardroom or on the frontline.…on a continuing and engaging basis. The challenge remains how we can truly engage our workforce so they feel they have the know-how, confidence, and motivation to do the right thing at the right time in the face of growing and ever-changing cyber threats.

There are some key learnings from our experience in offering GCHQ certified online cyber awareness training to client organizations that can help:

 Provide story based training about how your workforce can better protect their own or their families’ information;

Nugget based (microlearning) training that’s aligned to your particular risks assist in giving simple, practical advice quickly and concisely;

Demystify cyber security through plain English to explain the risks we all face at home and at work;

A managed campaign that provides regular refreshers and reminders (online and offline) works well in reinforcing behaviours and building collaboration;

Offer training that’s aligned with the tasks your people perform as part of their job;

Make sure you track adoption rates, progress against your targets and to identify common gaps in your people’s understanding;

Use gamification and other new training techniques to immerse yourselves in recognizable scenarios, like games, to grow understanding and memory retention, and finally;

Involve your people in finding out what’s working and not working so well in your campaign. They’re your audience and will be a source of great new ideas.

Our digital skills need to play a key role in our organizational resilience. It really is a team sport and we need to make any training engaging, relevant, and fun to motivate all our people to do the right thing.

About RESILIA: As part of AXELOS, RESILIA provides cyber resilience best practice training to clients around the world. RESILIA Frontline is GCHQ certified cyber awareness training that provides engaging, immersive, short, and cost-effective online awareness learning for all staff.

 

Explore our Access Digital Learning and Compliance software