An interactive briefing with The Economist Group, UCL and AXELOS RESILIA
Many organizations continue to invest in multiple layers of ‘intelligent’ technical controls to protect themselves from cyber attackers. However security breaches continue to grow in their scale and im-pact. There’s something missing in our organisational response to the risks we all face. Hard won market reputations, competitive advantage and operation capabilities are all vulnerable and organi-zations need to be more resilient to attacks.
The stark reality is that the majority of successful cyber-attacks succeed because of human error – the unwitting actions of anyone in the organization, regardless of their role or responsibility. Effec-tive cyber resilience is as much about your people and their behaviours as it is about technology.
Our people and their behaviours should sit at the heart of an effective cyber resilience strategy. It requires a balanced and collaborative approach across the entire organisation – embedding the simple, practical and relevant guidance we all need to enable us to make the right decisions at the right time in keeping our most valuable and precious information safe.
In this vital area of staff training and development, one size doesn’t fit all. The current ‘all staff, once a year’ approach, does not influence, or sustain long-term behavioural change. At best, it reminds us of some essentials; at worst, it’s treated as a necessary evil, a distraction, and something to be com-pleted, and forgotten, as quickly as possible.
We need to take a different approach. One that moves beyond the annual ‘tick-box’ tedium approach and provides the simple, practical guidance everyone needs in ways that truly engage our people. So what can organisations do to provide more ‘effective’ awareness learning?
In this techUK briefing Nick Wilding, General Manager of Cyber Resilience at AXELOS Global Best Practice will be joined by Professor Angela Sasse, Professor of Human-Centred Technology at UCL and Vicki Gavin, Compliance Director, Head of Business Continuity, Cyber Security and Data Privacy at The Economist Group to present and discuss:
- The people vulnerability – the stories and the facts;
- Why typical cyber security awareness learning methods are failing us;
- What good awareness learning can look like.
The briefing is designed for CISO’s, IT Directors and those responsible for cyber awareness learning in their organisations.
The questions we would like to discuss during the briefing include:
- Why do most organisations continue to rely on the annual ‘tick-box’ training?
- How important is it for any awareness learning to be relevant and of value to the learner?
- What role does the board or executive team have in supporting and leading effective aware-ness learning?
- How important is using the appropriate language in ensuring your cyber awareness training demystifies and is seen as relevant and engaging?
- How do we encourage organisations to plan for and adopt simple and engaging training techniques for all their staff before a crisis occurs?
- What role do you think Government should play in educating people on some of the basics of cyber and how does RESILIA fit in with that?
- Who do you believe needs to be responsible and accountable for effective all staff awareness.