Four different types of security awareness training – and the pros and cons of each

Four different types of security awareness training – and the pros and cons of each

Generally speaking, traditional security awareness training is delivered in one of four ways: 1. Classroom-based training 2. Visual aids (including video) 3. Through simulated attacks 4. Computer-based training Resource challenges and environmental contexts often force those in security to decide which method or methods to include in awareness campaigns – and in which quantities each should be employed. In this post, we consider the four different types of security awareness training in turn, the pros and cons of each, and an alternative, increasingly favoured approach. 1. Classroom-based...
7 reasons why security awareness training is important

7 reasons why security awareness training is important

In 2018 data breaches cost UK organisations an average of £6.4 million. Human error, meanwhile, accounted for anywhere between 60% and 90% of those breaches. Those facts alone are usually enough to convince people security awareness training is important. Usually. Perhaps surprisingly, a recent CybSafe survey found that around 31% of businesses are without security awareness training whatsoever. A recent UK government survey, meanwhile, found UK businesses introduced fewer new security awareness training measures than they did in 2017. “Businesses are less likely to have implemented extra...
Security Awareness Training: The Old Definition and the New

Security Awareness Training: The Old Definition and the New

At the time of writing, Google tells us security awareness training is “a formal process for educating employees about computer security.”You can bet it’s a prevalent definition: the search engine sifts through every indexed web page ever written on the topic to return the single, succinct and simple sentence. It’s also a definition that’d be easy enough to guess. The trouble is, according to a growing number of CISOs and information security professionals, the definition is wrong. The even-worse news? The definition could be stopping us from preventing cyber attacks. Security awareness...
The ‘ABC’ guide to improving information security

The ‘ABC’ guide to improving information security

Most security awareness training attempts to raise awareness only. To decrease risk, security awareness training must raise awareness, change behaviour and build a culture of security. It’s an unfortunate fact, evident to both those who work in security and those who don’t, that security awareness training in its current form isn’t working. Security awareness training is now a regulatory requirement in many industries. Even in industries in which it isn’t, organisations large and small voluntarily invest in security awareness training in an effort to prevent data breaches. And yet data...
The top 18 questions we get asked about CybSafe

The top 18 questions we get asked about CybSafe

CybSafe’s many technological innovations often intrigue audiences during demonstrations – and elicit questions that aren’t necessarily run-of-the-mill. For CISOs researching cyber security awareness platforms, the top 18 questions we get asked about CybSafe include: 1. What is CybSafe and what does it do? CybSafe is a cloud-based unified cyber awareness platform that demonstrably reduces human cyber risk as it relates to awareness, behaviour and culture. People aren’t perfect. Knowing this, criminals often target people when launching cyber attacks. If people can spot attacks, they can stop...
Award-winning cyber security awareness platform CybSafe secures £3.5m Series A investment

Award-winning cyber security awareness platform CybSafe secures £3.5m Series A investment

Here’s a note from our CEO, Oz Alashe… Wow. We’re super pumped about life right now. This is because following an investment of £3.5m in Series A funding, our award-winning cyber security awareness platform is poised to explore new territory and continue breaking boundaries when it comes to combating cyber attacks and reducing organisations’ human cyber risk. CybSafe is the world’s first truly intelligent cyber security awareness platform As things stand, our CybSafe platform is the world’s first truly intelligent cyber security awareness platform using AI, machine learning and...
Calculating your true phishing vulnerability

Calculating your true phishing vulnerability

Phishing vulnerability assessments and phishing susceptibility rates rarely tell the full story. How can companies calculate their true phishing risk? Have you ever wondered whether your reduced phishing susceptibility rate really shows your true phishing vulnerability? Or wondered why it may be low one week but spike the next? Read on to hear our thoughts on why, if not applied correctly, susceptibility rates are a lazy metric of phishing vulnerability and why many Awareness and Education teams (and Boards) find themselves questioning whether they really add the value they had hoped….....
Is “domain dependence” limiting our cyber security awareness?

Is “domain dependence” limiting our cyber security awareness?

Domain dependence causes our points of view to change in different domains – and it could be limiting cyber security awareness campaigns… Let’s talk domains. Not web domains, but domains in life. Areas, specialisms, disciplines – call them what you want. As humans, we tend to base our worldviews on our experiences in various domains. It’s a useful skill that, for the most part, helps us navigate through life effortlessly. But it does mean that, whenever we’re unfamiliar with a given domain, it can be difficult to recognise risk. This phenomenon is called ‘domain dependence’ and it...
Traditional cyber awareness programmes are failing to keep people safe online

Traditional cyber awareness programmes are failing to keep people safe online

Here’s how to markedly increase their effectiveness At some point in recent history, firefighters were tackling a domestic kitchen fire in Cleveland. After locating the fire, the firefighters doused the modest flames with water. But, for some reason, the small fire refused to relent. So the team blasted the fire a second time. Again, nothing happened. The firefighters were puzzled. Suddenly, the team’s lieutenant sensed something was wrong. Without thinking, he screamed at his team to exit the building. Sensing his panic, the team quickly obliged. Moments later, the building’s floor...