This is what the FCA reported in March this year in a new cybersecurity industry insights paper. The paper was published to help organizations across the financial services industry build their understanding and interest in innovative cyber practices.
The reality is that organizational resilience and security against growing cyber-attacks really is a team sport. The great majority of successful cyber-attacks succeed because of the mistakes we make – clicking on a suspicious link or attachment, sharing personal information on social media that can be used against us, continuing to rely on poor passwords, accessing sensitive information via insecure public Wi-Fi. The list goes on.
Annual information security awareness training does little or nothing to build the right culture and environment for behavior change. For many in financial services organizations, it’s ‘tick-box tedium’. Like any technical security control in our organization, any awareness training must be effective.
In their paper the FCA go on to say:
It’s all about making sure we are providing our people with the appropriate digital skills that will instill and sustain the right behaviors across our workforce, whether you’re in the boardroom or on the frontline, on a continuing and engaging basis. The challenge remains how we can truly engage our workforce so they feel they have the know-how, confidence, and motivation to do the right thing at the right time in the face of growing and ever-changing cyber threats.
There are some key learnings from our experience in offering GCHQ certified online cyber awareness training to client organizations that can help:
Our digital skills need to play a key role in our organizational resilience. It really is a team sport and we need to make any training engaging, relevant, and fun to motivate all our people to do the right thing.
About RESILIA: As part of AXELOS, RESILIA provides cyber resilience best practice training to clients around the world. RESILIA Frontline is GCHQ certified cyber awareness training that provides engaging, immersive, short, and cost-effective online awareness learning for all staff.