Good – that is practical and sustainable - cyber security should enable a business to operate effectively and prosper. Managing cyber risk is made up many elements, however, the core layers are people, processes and technology. Ensuring that all staff are aware of the threats of cyber crime is the key first step to mitigating cyber risks. This is where training comes in.
Ensuring an organisation has an appropriate cyber risk aware culture can be challenging for smaller firms. Often there is no dedicated IT person, let alone a full-time information protection manager. Frequently there is a need to provide effective basic training and at a low cost.
Recently the National Cyber Security Centre (NCSC) introduced an on-line training package to help SMEs provide cyber security awareness training. The ‘Top Tips For Staff’ training package can help form one part of building a cyber risk aware culture. The training is freely available as an on-line training package and as a PDF.
Most organisations will provide fire and workplace safety training, cyber security training should be embedded into the same training programme. New staff should be directed to the training when joining a firm. All staff should be expected to take the course once per year.
Cyber security should not be seen as a barrier to doing business on-line. Good cyber security starts by saying, yes, we can use that technology because we understand how to make use of it securely. Cyber awareness training is a key element to growing and sustaining a modern business.
You can also find more cyber security information on our cyber hub icaew.com/cyber
Click on the image below to read all about the NCSC cyber security training for staff.