Human Risk Management – why is it so important?

Security incidents are in the news most days, with high-profile compromises causing huge damage to companies, not only financially but also to their reputation and availability of service. As a result, human risk management is also rapidly becoming a compliance requirement for things like insurance and Cyber Essentials.

For example, Jaguar Land Rover suffered a huge disruption to its services for multiple months, which also put customer data at risk, at a massive financial cost to the business. JLR estimate the cost at around £196 million; however, broader analysis of knock-on effects suggests it could be as high as £1.9 billion.

Most security incidents start at an individual user level. Customer IT systems are rarely breached without user error, whether that be interacting with a malicious email or website, failing to follow company procedure and/or working in an insecure manner.

Training company staff members to recognise threats and work in a secure manner regardless of location is often undervalued by businesses, but we see it as absolutely essential: it is one of the most effective ways of stopping security incidents at source.

We recommend online training and testing, phishing email simulation and breach detection (which scans the dark web for compromised credentials). At Connect Systems we facilitate this with our Human Risk Management Service (previously Security Awareness Training), which is designed to empower employees with essential cybersecurity skills and to report back to the Senior Leadership Team where there are areas of risk.

How does it work and what does it include?

Our service is a comprehensive Human Risk Management Suite providing interactive, engaging and adaptive learning modules. It educates staff on key topics like phishing, password security, and data protection, aiming to reduce human error as a cybersecurity vulnerability.

Some of the key features include:

  1. Tailored training programmes – customised training based on individual employee risk profiles, ensuring relevance and improving retention. Employees will undergo a gap analysis when they are enrolled to identify areas of weakness in their security knowledge.
  2. Automated phishing simulations – emails that look very real are sent to enrolled users to test what they have learnt and whether they can spot a potentially malicious email. The results are reported back on a regular basis to ensure the business security risk is reducing over time.
  3. Breach detection – the service constantly scans the dark web and known password compromises for credentials from users enrolled in the system, so that we can be alerted to any security breaches quickly.

If you would like to discuss Human Risk Management or have any questions on any of the above, please get in touch with us here and we will be happy to help.
