Cyber Stars Initiative
Cyber threats cost Global business an estimated $400 billion in 2015. Up to 93% of those attacks were facilitated by human error or a lack of cyber awareness. The Cyber Stars Initiative was developed to help reduce the cyber threat to business generated by a lack of employee awareness and confidence. The Cyber Stars Initiative is the only cyber security awareness programme with an official UK Government regulated qualification available here in Australia.
The Cyber Stars Initiative is far more than just a training course, or even a qualification. Cyber Stars provides a sustainable solution to cyber security awareness in an ever evolving landscape.
Why do we Need Cyber Stars?
Cyber Security has been identified by both the UK Government and European Union as the single greatest threat to many businesses and Australia is next in line. According to the Australian Prime Ministers Cyber Security Review the annual loss from cyber security incidents are as high as $17 billion or 1% gdp with the average cost of an effective cyber attack now in excess of $1 million.
The fact that both the volume of cyber crime and the financial impact of that crime has risen significantly each year since 2008, acts as clear proof that existing awareness schemes are not working. Traditionally, cyber security focus has been on IT professionals, executives and infrastructure. Most organisations now have competent and qualified cyber security staff in place but the question remains, why do we continue to struggle to cope with cyber crime?
Research indicates that as few as 10% of cyber attacks are actually a result of infrastructure inadequacies. The primary cause of cyber security breaches within a business environment is human error, most frequently caused by a lack of general cyber security awareness and the confidence to respond.
Cyber crime adapts at a far greater rate than existing training and awareness programmes. As infrastructure becomes more robust criminal actors seek to exploit the most vulnerable point within any network; the human.
We have developed a culture in which responsibility for cyber security awareness and education has been limited to specific individuals within IT and network security positions. As a result, the cyber skills gap has increased. Most companies have a significant lack of understanding and acceptance of responsibility throughout the wider workforce, leaving clear vulnerable points within the business.
Increasing levels of remote and mobile working reduce the ability for companies to manage the cyber threat as effectively, yet little or nothing is being done to increase awareness to the average system user.
For those companies with cyber security awareness programmes in place, few if any have a robust metric for testing understanding and competence.
Individuals receive no recognition for increasing their cyber awareness skill set, therefore personal buy in to cyber security at work is often minimal. The Cyber Stars scheme was specifically designed with a focus on educational psychology, ensuring personal engagement and acceptance of responsibility.
Following the delivery of the Cyber Stars Initiative we are then able to retest this level of risk at regular intervals to prove the increased level of resilience within your organisation and identify those individuals that require further training.
How Does Cyber Stars Work?
Traditional training programmes often lead to a skill fade from the second an individual completes that course. In an environment where cyber threats evolve at such a rate this often means that training is quickly outdated. The Cyber Stars Initiative provides an opportunity for exactly the opposite. On achievement of their qualification each Cyber Star will continue their awareness education. Each individual will be provided access to a Cyber Stars Portal. This portal contains a daily threat feed which can be filtered by sector, so that Cyber Stars can remain aware of threats specific to their industry. It also contains a range of educational materials and policy documents, allowing cyber stars to spread cyber security awareness throughout their organisation and remain aware of evolving threats.
It is then the Cyber Stars’ responsibility to access that portal on a regular basis and identify current and emerging cyber threats. The Cyber Star is then a nominated point of contact for circulating that awareness throughout their wider area of responsibility, ensuring a sustainable and holistic approach to cyber security education within a business environment.
Studies show that employees are far more receptive to information when it is transferred at a “peer to peer” level, rather than enforced through a hierarchical structure. The Cyber Stars initiative involves changing the organisational culture related to responsibility for cyber security. We do this by qualifying chosen members of staff from within each department to act as a Cyber Security Representative. The responsibilities of a Cyber Star go beyond an increased personal understanding of cyber security. A Cyber Star is responsible for ensuring that good cyber security is adhered to within their workplace, educating colleagues and peers to specific threats. By qualifying a team of Cyber Stars, you are best placed to ensure organisation wide cyber security awareness and better still, a workforce that takes personal responsibility for cyber security.
All Cyber Stars will undertake the new ProQual Level 2 Award in Cyber Security Awareness for Business and as such will prove that they have the sufficient level of knowledge and competence to effectively implement an organisational level cyber security strategy.
Educate your business using Spear Phishing.
Identifying a risk profile, based on human vulnerability, is difficult. Yet as most breaches are linked to some kind of Phishing or social engineering, a targeted Spear Phishing test is the best way to identify weakness. Our innovative testing via email best replicates how an attack would target an organisation, bypassing firewalls and landing in the inbox of a potential victim. We are then able to measure specific high risk areas and user groups with your company and focus our training more effectively towards those that need it. This software can also be used to monitor and evaluate improvements over time. Contact us for more information on the training we can provide to ensure you and your company is secure against cyber threats.