Despite 82% of businesses stating that they see cyber security as a high priority for senior management, only 17% of small to medium businesses provided their staff with awareness training on how to detect a potential cyber security threat.
Your staff should be at the centre of your cyber security strategy, but as the largest ‘attack surface’ for your organisation, they can also serve as your greatest defence against cyber threats.
By raising awareness and training your team to be a human firewall, they are more likely to spot potentially malicious activity such as a phishing emails, follow best practice in setting secure passwords and protecting accounts with MFA, and consider the security of their remote working environment.
Cyber security hygiene
Basic cyber hygiene principles can mitigate the majority of cyberattacks, so it is crucial that you build a positive cyber security culture in your organisation. This will keep your staff engaged, encourage them to report incidents without fear of repercussions, and allow for actual or suspected cyber security incidents to be raised, triggering an incident response process.
What we offer
- Creation of bespoke awareness training covering the current threat landscape including threats relevant to your industry, industry best practice in line with guidance from the National Cyber Security Centre (NCSC) delivered in person or remotely
- Partnering with CybSafe which allows us to deliver a customisable training platform; providing regular training, reminders for refresher sessions, deployment of phishing simulations, and reporting mechanisms
- Creation and delivery of board level threat briefing, highlighting threats to your industry and providing guidance and insights into industry trends
- Facilitation of both remote and in person table-top exercises to raise awareness of both cyber security and business continuity with senior managers using rehearsals and/or our board game, Udder Disaster (find out more here)
- Customised specialist training around specific topics including disaster recovery, incident response or data protection.