How Do I Increase Staff Cyber Awareness?

We often get asked this question because making sure that staff are well informed and aware of online risks can stop major disruptions, data loss and financial losses, which can cripple a company.

Why do we need to do it?

In the past, it was bigger companies that were more frequently attacked and cyber security was seen as necessary for those companies, but optional for smaller companies. Things have now dramatically changed; the costs and complexity of launching these attacks has gone down dramatically, the number of smaller companies being attacked has gone up and a recent report from the Royal United Services Institute (RUSI) indicated that Cyber Fraud is the single biggest crime that British Citizens are most likely to be directly exposed to.

In addition, many larger companies realise that they can be vulnerable through their supply chain and so they are insisting that their suppliers have similar levels of cyber security, so many of our customers are now having to increase their own cyber security measures to be able to continue doing business with large companies. This may seem over the top until you realise that one large US store chain, Target, suffered a data loss that affected 41 million customers and cost $18.5m in fines, as a result of a hack into a supplier deep in its supply chain. The hackers then accessed Target through the supplier.

What can we do?

The good news is that we can all take simple steps to protect ourselves against these attacks. Judging by the fact that you are reading this, you already know that one of the key steps to better cyber security and resilience is increasing staff cyber awareness. The National Cyber Security Centre (NCSC) in the UK has great online resources to help staff stay safe and these provide a great snapshot of how to be more cyber aware. There is also a knowledge check to ensure it has been understood.

However, like any training, it’s only effective if it is repeated until the change is embedded and then it requires regular training to continue to be effective. If you want to stay fit and healthy you don’t go to the gym once, you repeat it regularly and vary your training so it remains interesting.

How can smaller companies do this?

Until recently only really big companies could afford to develop a programme of this type. That has now changed, and we are working with a company called uSecure who provide the tools that allow us to put together a regular, varied and interactive programme that engages staff and educates them.

This can now be done at a low cost (starts at £1.50 per user per month) and is automated to reduce management time. uSecure has been reviewed on Gartner, the technology publisher whose reviews are used by companies all over the world when selecting new software. uSecure’s tool kit can be used to create a programme of cybersecurity awareness training that is world-class and can protect our customer’s better by increasing staff skill levels.

What should we be doing?

Typically an awareness training programme should have the following features:

A programme that is both compliant and relevant – these can be tailored to the exact needs of the company
Doesn’t just stick to lectures
Has a regular training schedule
Measures training effectiveness and
Monitors overall key cyber security metrics

We can scope out and implement a programme to start to increase staff awareness and increase their ability to protect your company, enabling them to do their jobs without fear that they may inadvertently enable a cyber-attack.

I hope this has been useful and please leave your details in the form below so we can help you implement this.

Ready to talk IT?

Jake Thomas

16:16 18 Jul 22

A professional and very competent service. Everything is managed beyond expectation. Highly recommended.

Tom Chance

09:27 09 Mar 21

We engaged Lindsey and her team to improve our security, and implement Microsoft across our business. They did an amazing job, and worked tirelessly and with lots of patience until things were working perfectly. Lindsey really knows her stuff, and I was so impressed by her knowledge of IT and ability to the root of issues.

Tamara Cooke

14:09 17 Sep 20

EasylifeIT are always able to solve our IT issues. Their support team are helpful, patient and are happy to explain things to you if you ask. FYI I've not ticked good value as my employer pays the bill so I don't know!

Sherwin Currid Sherwin Currid

08:09 10 Jul 20

Easylife IT have looked after our cloud IT systems for many years now. We continue to be very happy with the service which is prompt and efficient. The team are very knowledgeable and stick with issues until they are fully resolved. I would have no hesitation in recommending them to others.

Nick Green

10:45 09 Jul 20

My business has been using Easylife IT for what must be around 10 years and I have not needed to look elsewhere in that time! As a small business we don't have IT capabilities in house and the backup service from Easylife has given us confidence knowing that our backs are covered. All issues dealt with remotely and for higher level issues the business owner will help out with friendly advice. I always feel their advice is good and charging is fair. I am a little surprised to see another review that appears to speak highly but giving a 4 star. Anyway it's definitely a 5 star from me! Highly recommended.

Blog