How should CIOs prepare teams for cyber threats?
April 16th, 2018
With new cyber threats appearing constantly, it’s important that a business keeps on top of these.
CIOs need to have a rolling training program to ensure that staff within a business are aware of all the major cyber threats which target the end-user. For example, social engineering, phishing, theft, data leakage, etc.
It’s important that classroom-based training occurs at induction or soon after. In the main, web-based online training systems do not deliver the same impact. Users often simply click next and have a pop at the answers in an online test. Classroom-based training is much harder hitting and typically raises awareness and increases retention of risks.
Post initial training, you should regularly update staff about changes to the threat landscape and to reinforce the basics. Online solutions are, typically, a good fit because training is quick and easy. Generally, some form of test post-training is sensible to assist with the retention of information.
It’s certainly beneficial to test staff without their knowledge. Let them know that this will happen periodically. Example tests will be things such as picking up data from a printer to look for sensitive material, call in from an external source pretending to be from IT asking for details to connect onto a desktop or compose a phishing type email.
Training and testing staff regularly goes a long way in ensuring the security of your business as many serious cyber threats target staff.
Flexible working could have “unexpected consequences”
From April 2014, all employees in the UK will be given the right to request flexible working from their employer. For many businesses, this is a concern, and rightly so. A large-scale take-up of flexible working can change the dynamic of a workplace on multiple levels. Robert Rutherford, CEO of business and technology consultancy firm […]
Which type of IT support is best for my business?
One of the easiest ways for companies to gain other business efficiencies is to outsource part, or all, of their IT to a managed services provider. There are many options available and in today’s blog, we will discuss what each one will typically include. While the exact names may vary dependent on the provider, the following […]
6 reasons your business continuity plan is weak – and how to fix it
Business continuity planning involves creating a strategy to prevent, reduce and recover from risks to an organisation. Many organisations still have business-impacting IT outages that should be avoidable, or quick to recover from. There are six key reasons why these types of IT outages continue to impact businesses. 1. Not understanding risk Most businesses would […]