Why do we Need Cyber Stars?

Cyber Security has been identified by both the UK Government and European Union as the single greatest threat to many businesses. It is estimated that cyber attacks have cost global business in excess of $400 billion in 2015, with 8 in 10 large companies falling victim to cyber crime.

The fact that both the volume of cyber crime and the financial impact of that crime has risen significantly each year since 2008 acts as clear proof that existing systems are not working. Most organisations now have competent and qualified cyber security staff in place and we are increasingly aware of the critical infrastructure requirements supported by excellent schemes such as Cyber Essentials. Therefore, the question remains, why do we continue to struggle to cope with cyber crime? The response is clear:

Research indicates that as few as 10% of cyber attacks are actually a result of infrastructure inadequacies. The primary cause of cyber security breaches within a business environment is human error, most frequently caused by a lack of general cyber security awareness and the confidence to respond. Cyber crime adapts at a far greater rate than existing training and awareness programmes.

We have developed a culture in which responsibility for cyber security awareness and education has been limited to specific individuals within IT and network security positions. As a result, most companies have a significant lack of understanding and acceptance of responsibility throughout the wider workforce.

Increasing levels of remote and mobile working reduce the ability for companies to manage the cyber threat as effectively, yet little or nothing is done to increase awareness to the average system user. For those companies with cyber security awareness programmes in place, few if any have a robust metric for testing understanding and competence. Individuals receive no recognition for increasing their cyber awareness skill set, therefore personal buy in to cyber security at work is often minimal.

How Do Cyber Stars Work?

Traditional training programmes often lead to a skill fade from the second an individual completes that course. In an environment where cyber threats evolve at such a rate this often means that training is quickly outdated. The Cyber Stars Initiative provides an opportunity for exactly the opposite. On achievement of their qualification, each Cyber Star will continue their awareness education.

Each individual will be provided access to a Cyber Security Information Sharing Platform. The platform is updated regularly with specific cyber threat information and provides an opportunity for continued learning and awareness for each Cyber Star. It is then the Cyber Stars’ responsibility to access that portal on a regular basis and identify current and emerging cyber threats. The Cyber Star is then a nominated point of contact for circulating that awareness throughout their wider area of responsibility, ensuring a sustainable and holistic approach to cyber security education within a business environment.

Studies show that employees are far more receptive to information when it is transferred at a “peer to peer” level, rather than enforced through a hierarchical structure. The Cyber Stars initiative involves changing the organisational culture related to responsibility for cyber security. We do this by qualifying chosen members of staff from within each department to act as a Cyber Security Representative. This principal has been applied by businesses to satisfy a range of legislative requirements since the introduction of the Health and Safety at Work Act. The need is long overdue to apply the same principles to cyber security.

The responsibilities of a Cyber Star go beyond an increased personal understanding of cyber security. A Cyber Star is responsible for ensuring that good cyber security is adhered to within their workplace, educating colleagues and peers to specific threats. By qualifying a team of Cyber Stars, you are best placed to ensure organisation wide cyber security awareness and better still, a workforce that takes personal responsibility for cyber security.

Cyber Stars will undertake the new ProQual Level 2 Award in Cyber Security Awareness for Business and as such will prove that they have the sufficient level of knowledge and competence to effectively implement an organisational level cyber security strategy. Change your organisation’s cyber security culture before it’s too late.