David Speaks: Security Awareness Training

Did you know that as a FortiTech client your business has access to more than just proactive maintenance and IT support?

That's right, access to our vCIO David is also part of the package,  not only can David work with you on technology strategies but he can also deliver Security Awareness Training to your team, just like he did for 2 of our clients recently.

With human error making up 34% of notifiable data breaches in the OAIC's most recent report, many businesses are now recognising that educating their team on the intricacies of cyber security in day to day life is an important step to combating the persistent threat to their data security.

FortiTech offers both automated and tailored Security Awareness training and we have found that whilst the automated version gives a great base for learning, the tailored offering receives greater staff engagement and gives participants the opportunity to ask any burning questions (a whole 15 minutes worth of questions in our last presentation in fact!)

What is covered?

David's presentation gives your team an overview of cyber security, the common threats that staff will encounter as part of their roles and how to proactively combat them.   The presentation is designed to be highly engaging, delivered in plain English and with humour, David covers:

  • The business of hacking
  • Phishing – the #1 way cyber breaches occur
  • Social Engineering – whaling/spearphishing
  • Passwords
  • Multifactor Authentication
  • Secure Wi-Fi (or maybe not so secure)
  • USB key tools

David tailors the presentation to each client, focusing on key attack vectors for their industry and highlighting areas where existing measures are in place to combat cyber threats, such as tagging incoming external emails with [EXTERNAL] in the subject line to prevent hackers pretending to send email from internal email addresses requesting urgent payment of invoices for instance. This security measure is in place with both of the clients who recently received training and has been effective in reducing the risk of a breach.

What are the benefits?

Protecting your business is obviously the number 1 benefit of Security Awareness Training for your team, but it also extends further than that, it helps create a "security first" culture in your organisation and aligns with the 9 key areas that OAIC have provided as steps and strategies which may be reasonable to take to ensure your organisation secures its data inline with requirements, including:

  • Governance, culture and training
  • Internal practices, procedures and systems
  • ICT security
  • Access security
  • Third party providers (including cloud computing)
  • Data breaches
  • Physical security
  • Destruction and de-identification

Commissioner Falk from the OAIC noted that the latest figures on human error “ reinforces the need for organisations and agencies to take reasonable steps to prevent human error breaches, including training for staff who handle personal information"

And more importantly, feedback from our clients has been that David's presentations have helped "humanise" cyber security and gave practical examples of threats and steps staff could take to minimise them.

Where do we sign up?

David can undertake the training for your staff at a fixed fee, just give us a call or email to discuss your needs.

Before you go....

We will leave you with this little teaser video from David's presentation, created by Cisco, The Anatomy of an Attack highlights just how easy it is for a hacker to undertake a social engineering attack and cause havoc.