Boost your cyber hygiene during Cybersecurity Awareness Month
October is Cybersecurity Awareness Month. The importance of cybersecurity has dramatically increased during the COVID-19 pandemic, and today, cybercrimes can harm not only financial and informational assets but human lives. That is why it’s crucial to know about potential threats and be able to properly respond to them.
Despite rapid technological progress, the “human firewall” is the first and most important instrument of perimeter protection. According to the 2019 CIRA Cybersecurity Survey, 71% of Canadian organizations reported experiencing at least one cyberattack in the past year. The most common response (adopted by 57% of organizations) was training employees in cybersecurity. Organizations with under 1000 employees that reported conducting integrated cybersecurity awareness training that included both computer-based learning and phishing simulations reported a 2.2 times reduction in incidents that impacted desktop users.
“Cyber hygiene training is an established practice, but it is being reinvented today, and now we are seeing a boom in complex cyber hygiene programs. What plays a crucial role is the quality of the educational program” says Andriy Palayev, Business Development Manager at ISSP Canada. “Cyber hygiene is a culture, not a one-off activity. It should be regular and enriched with internal corporate messaging and practical exercises such as phishing and/or candy drop techniques, so any behavior-based cybersecurity risk won’t affect your business continuity.”
The e-learning Cyber Hygiene course from ISSP is built on the CybExer Technical Platform, which is an effective interactive tool consisting of a training module and two separate testing modules for identifying risky behaviour in cyberspace. Phishing attack simulations are also included as a practical test for social engineering and online training.
The course focuses on three groups of employees (managers, regular users, and IT specialists) and shows participants how to how to solve specific problems and mitigate specific threats associated with each of these groups. The online e-learning platform can be deployed on-premises or delivered as a cloud-based managed service. One of the most important features of this platform is that it doesn’t evaluate pass or fail criteria. Instead, it identifies risk areas for individual employees.