Awareness education is critical for effective Cybersecurity
Nurture Marketing Specialist at Kineo APAC
Kineo Courses is delighted to announce a Cybersecurity course with a difference, developed in collaboration with DEfactoED, an online Digital Education provider that helps corporates to build digital capability and create adaptable mindsets in their businesses.
Cybersecurity is one of the most costly threats to businesses today - and one of the least well understood. There are many digital courses available to support learning gaps within cybersecurity and yet DEfactoED has identified that the biggest culprit of all is very often overlooked. Mark Seneschal, DEfactoED Director shares his insights with us here on the biggest underlying risk that threatens our security and how the impact of this learning will significantly help reduce potential breaches and drastically improve security.
The prevailing perception of Cybersecurity is that it’s the IT Department’s problem. Rows of IT geeks sitting in front of screens doing arcane and mysterious things with technology to keep the hackers at bay. But while the IT Department and technology have a vital role to play in protecting against Cyber threats, reliance on them alone is almost certain to be inadequate. After all, it only takes one email containing a bogus link to get through the defences, and then the question is whether someone clicks on it. And users are much more likely to click on the link if they haven’t been made aware of what to look out for.
In fact, evidence suggests that at least two-thirds, and possibly as many as 90 per cent of all Cyber breaches involve some form of human action, error or omission on the part of employees or other insiders. Sometimes these acts are deliberate, for example by disaffected employees or those who may be leaving, but mostly they are innocent and inadvertent. Most of us have at best only a partial appreciation of what to do and what to look out for in avoiding Cyber risks, and easily fall prey to the hackers’ whiles. This in turn reflects the prevailing perception of Cybersecurity as a technology problem for the IT Department to worry about, because if technology is the solution, then why should there be any need for organisations to put time and resource into educating their employees about good Cyber practices and hygiene? And research shows that many – probably most - organisations are following this logic: for example, in a 2018 survey by PWC of 9500 executives across 122 countries only 34% said that their company had an employee security awareness training programme; and the UK Government’s 2018 Cyber Security Breaches survey found that only a fifth of businesses and 15% of charities had had any staff attend cyber security training in the previous 12 months.
Moreover, it’s clear that existing approaches to Cybersecurity are proving inadequate to meet the threat being faced – Accenture’s 2019 Cost of Cybercrime study reported an 11% increase in the number of Cyber breaches between 2017 and 2018, as well as a 12% increase in the average cost of each breach. And this trend is likely to continue, until everyone’s understanding of the threats, and how best to guard against them, is vastly improved. Which comes back to education and awareness. But according to the Accenture study, ‘Training employees to think and act with security in mind is the most underfunded activity in cybersecurity budgets’.
We will shortly be unveiling DEfactoED’s Cybersecurity course that stands apart with its high level of interactivity, incorporating subject matter expert video content that includes Professor Alan Woodward, a specialist cybersecurity computer scientist who will introduce us to the 7 Deadly Sins...that can lead us to do something online that we shouldn’t.
The Cybersecurity course objectives include information on cyber attacks, the strong relevance of human behaviour, compliance around the sharing of personal information and related security measures. Organisational leaders and learners alike can benefit from measurable learning outcomes, that can swiftly be put into practice in the workplace.