Two Sides of Security: An RSA Conference 2019 Retrospective
A look back at RSA Conference 20192 The 2019 RSA Conference was held in San Francisco on March 4-8. This is one of the best-known security...
One of the great quotable movie scenes of all time is the scene in the third Indiana Jones movie, Indiana Jones and the Last Crusade, where the ancient Knight guarding the Holy Grail gives a heads up to the Nazi treasure hunter and Indiana Jones to “choose wisely”.
As you may recall, the Nazi chose the ornate golden chalice, believing it was “fit for a King”, while Indy chose the wooden “carpenter’s cup”. Indiana thought about the person, who Christ was, and what he would have used. A savvy metaphor for many decisions in life, and can also apply to how you choose cybersecurity awareness.
There are a range of cyber awareness training solutions on the market today, and some even offer some courses or functionality for free. Free is great, and it has its purpose and time, and can indeed be useful if you are just getting started or have no other options.
There are 3 types of cyber awareness training we’ve seen on the market (well TBH it’s our competitor analysis too so our work is now your gain!)
SOME of the content is free and then you pay when you need more (and you probably should always need more). So free upfront, but then will cost you to stay or cost you to move. So not free free.
Off the Shelf “e-learning modules" are single-buy “courses” or cyber awareness video packs. Great because they are cheap and scale. Bad because they are often old and ineffective for any real learning or change- when was the last time you were motivated to change all your bad passwords because of one two-minute explainer video? So, yeah.
Platform Vendors deliver courses or learning programs through an online platform. Usually charged per user per year there is a wide range of styles, approaches, prices, and functionality- so it’s good to have a vision of what you need and what you want to get out of a program before you start down this road (for a guide on how to do this and free resources, check out our blog good better best HERE)
We’re assuming that you know what cyber awareness training is all about. You know that your company and its people need to learn how to become more cyber-secure, and you’re now looking at solutions and learning how they work.
Here are a few helpful questions and facts that can help you as you decide what’s best for your company, your employees, and your budget.
Idea: Why not set up a focus group to understand how other departments and seniority levels find each tool to see which meets the needs of a program and engages the masses?
Your wishlist doesn’t have to include all of the above, some listed may be more important than others, but make sure to understand what matters to your business and review each option against the list. We’re not saying don’t do it, we’re saying if you are going to do it, do it well.
Many larger organizations have rushed out programs or delivered dull content at scale and actually turned the sentiment of the users against them. From e-learning modules that go on for 40 minutes to repeating the same modules year after year for compliance- we have heard countless stories of people who felt bored, afraid, guilty, confused, and ashamed because of the cyber training experiences of yore. There is a better way.
f you didn’t start with the basics, if you haven’t trained on a holistic set of cyber and digital safety topics- now is the time to start. The cybercrime explosion, the complexities of remote working, and the still uncertain future mean that a clear, safe, easy path is not the future for all of our businesses. The journey to creating cyber secure humans isn’t complete with one slide deck, a few e-learning modules, or a short burst of ‘training’.
What do we mean by cyber-secure humans?
Well, that we know about and we take our digital selves and security as seriously as we do our home and car security. We know the local rules of the road when we get our driver's license, we (should!) know enough about how a car works and what to do (or who to help when something goes wrong like a mechanic). We know to lock it when we go out, to install layers of security when needed, and to always keep an eye on our surroundings. That’s what we are really after here at The Cybermaniacs, to help as many people as we can to take charge, responsibility, and be engaged with digital safety. (We can wax rhapsodic on this for hours, sorry, moving on).
So at the end of the day, free can get you from A to B. Or give you a quick start. But where on the alphabet do you want to be? Is your industry at greater risk? Is your team already pretty cyber-savvy or nah? Are your partners or customers concerned (and asking in a contractual form which many many more are to date), about the state of your cyber security?
Most of what is listed here in the FREEBIES are tasters; a comprehensive program ticking all your boxes will come at a price but will save you oodles of cash by developing a secure workforce, who are savvy and know their roles, responsibilities, and how to report their suspicions.
Trying something new or innovative can require a leap of faith. But the rewards are worth it once you cross to the other side!
Thinking longer-term, and not just about what will get you through the next audit means:
Securing humans provides an extra level and line of defense for your company against cybercriminals and digital errors of all kinds. Remember, MOST data breaches rely on human error, action, or activity. Can you afford to not secure your humans through a shoestring awareness program?
Don’t let budget be a barrier to an awareness program, and free is better than nothing at all, understanding the caveat that it won’t meet many important requirements.
A look back at RSA Conference 20192 The 2019 RSA Conference was held in San Francisco on March 4-8. This is one of the best-known security...
4 min read
Looks like your hacker wants to have a chat with you Let's cut to the chase; we humans think we are rational beings. We really, really do. However we...
6 min read
Everybody's Saying It. Literally. Everybody. The Most Important thing about (enter company here) is our people. Ever since Peter Drucker started...
3 min read