What is Cyber Stars?
The Cyber Stars Initiative was developed to minimise the cyber threat to business generated by a lack of employee awareness and confidence to act. The Cyber Stars Initiative is the only cyber security awareness programme with an official UK Government regulated qualification attached. The programme therefore provides both a solid metric for measuring cyber security awareness understanding and provides an excellent professional development opportunity for employees.
The Cyber Stars Initiative is far more than just a training course, or even a qualification. Cyber Stars provides a sustainable solution to cyber security awareness in an ever evolving landscape.
With the introduction of the EU General Data Protection Regulation (GDPR) fast approaching, businesses must act now to enable the required changes to cyber security culture within their business. The new GDPR provides a single, harmonised data privacy law for the European Union. With the increasing risk of data breaches from cyber attack , the GDPR aims to prevent the loss of personal data by improving data security for all individuals living in EU member states. UK organisations have until June 2018 to comply with the new law, or potentially face fines of up to 4% of annual turnover or €20 million.
Why do we Need Cyber Stars?
Cyber Security has been identified by both the UK Government and European Union as the single greatest threat to many businesses. It is estimated that cyber attacks have cost global business in excess of $400 billion in 2015, with 8 in 10 large companies falling victim to cyber crime.
The fact that both the volume of cyber crime and the financial impact of that crime has risen significantly each year since 2008 acts as clear proof that existing systems are not working. Most organisations now have competent and qualified cyber security staff in place and we are increasingly aware of the critical infrastructure requirements supported by excellent schemes such as Cyber Essentials. Therefore, the question remains, why do we continue to struggle to cope with cyber crime? The response is clear:
Research indicates that as few as 10% of cyber attacks are actually a result of infrastructure inadequacies. The primary cause of cyber security breaches within a business environment is human error, most frequently caused by a lack of general cyber security awareness and the confidence to respond. Cyber crime adapts at a far greater rate than existing training and awareness programmes.
We have developed a culture in which responsibility for cyber security awareness and education has been limited to specific individuals within IT and network security positions. As a result, most companies have a significant lack of understanding and acceptance of responsibility throughout the wider workforce.
Increasing levels of remote and mobile working reduce the ability for companies to manage the cyber threat as effectively, yet little or nothing is done to increase awareness to the average system user. For those companies with cyber security awareness programmes in place, few if any have a robust metric for testing understanding and competence. Individuals receive no recognition for increasing their cyber awareness skill set, therefore personal buy in to cyber security at work is often minimal.
How Do Cyber Stars Work?
Traditional training programmes often lead to a skill fade from the second an individual completes that course. In an environment where cyber threats evolve at such a rate this often means that training is quickly outdated. The Cyber Stars Initiative provides an opportunity for exactly the opposite. On achievement of their qualification each Cyber Star will continue their awareness education. Each individual will be provided access to a Cyber Security Information Sharing Platform. The platform is updated regularly with specific cyber threat information and provides an opportunity for continued learning and awareness for each Cyber Star. It is then the Cyber Stars’ responsibility to access that portal on a regular basis and identify current and emerging cyber threats. The Cyber Star is then a nominated point of contact for circulating that awareness throughout their wider area of responsibility, ensuring a sustainable and holistic approach to cyber security education within a business environment.
Studies show that employees are far more receptive to information when it is transferred at a “peer to peer” level, rather than enforced through a hierarchical structure. The Cyber Stars initiative involves changing the organisational culture related to responsibility for cyber security. We do this by qualifying chosen members of staff from within each department to act as a Cyber Security Representative. This principal has been applied by businesses to satisfy a range of legislative requirements since the introduction of the Health and Safety at Work Act. The need is long overdue to apply the same principles to cyber security.
The responsibilities of a Cyber Star go beyond an increased personal understanding of cyber security. A Cyber Star is responsible for ensuring that good cyber security is adhered to within their workplace, educating colleagues and peers to specific threats. By qualifying a team of Cyber Stars, you are best placed to ensure organisation wide cyber security awareness and better still, a workforce that takes personal responsibility for cyber security.
Cyber Stars will undertake the new ProQual Level 2 Award in Cyber Security Awareness for Business and as such will prove that they have the sufficient level of knowledge and competence to effectively implement an organisational level cyber security strategy. Change your organisation’s cyber security culture before it’s too late.
Cyber Stars Lite
Following the success of Cyber Stars, we are proud to announce Cyber Stars “Lite”. Not every employee needs to be a Cyber Star, indeed the Initiative was developed to ensure that Cyber Stars spread threat knowledge and create a natural culture of awareness within the workplace, yet there is still a requirement for others to be trained to basic standards and engage with cyber risk. We have found that traditional mandatory training is rarely effective or retained and have developed this programme to provide a more modern, current and engaging alternative to mandatory awareness training.
A fully accredited programme, Cyber Stars Lite involves education through fully immersive film. Through 45 minutes of film-based education, staff will engage with a range of cyber security subjects in a manner that maximises engagement, understanding and retention. With the completion of an assessment, we are able to provide a clear metric to an organisation of where individuals have achieved or any areas in which require more specific development.
“The course gave us a greater understanding of best practice in cyber security. It discussed the different types of cybercrime threats, from remote attacks like malware or hacking to more intrusive threats like social engineering.
“The initiative provides the Council with the assurance that officers have attained a good level of competency in cyber security. This is the sort of course that will be beneficial long after the classroom session.
Royal Borough Of Kensington & Chelsea
“Cybercrime is constantly evolving and, through the initiative and post-course support provided, we will continue to be kept up to date with details of new threats, emerging risks and the latest developments”
Andy Hyatt – Head of Fraud