Some early results from our upcoming 2021 Cybersecurity Survey show that awareness training and phishing simulations are becoming more common in the workplace. This is great news - because it means more Canadian organizations are reducing cyber risk and educating their employees on the dangers of phishing, business email compromise, safe web habits, strong passwords, and other cyber threats.
Our CIRA Cybersecurity Awareness Training platform is used by governments, the education sector, and other industries across Canada to help reduce cyber risk in the workplace. Users benefit from automated, ongoing phishing simulations and courses tailored toward a Canadian audience. If this is something you're thinking about implementing at your organization, here are a few reasons why now is a great time to do so.
1. Threats are increasing
Ransomware incidents and payment amounts are on the rise, more people are working from home, increasing the number of possible cyberattack vectors, and cyber criminals are continuing to exploit fear and uncertainty regarding the issue of the day - be it the COVID-19 pandemic, the election, and soon, holiday shopping season (it's never too early to get started...). Organizations have a number of technical layers of security at their disposal to protect against these threats - but the human layer of defence is also critical - educating your employees to recognize and report incidents can go a long way to help protect your organization.
2. It's now becoming a requirement for doing business
We're hearing more and more from customers that they need to deploy some form of awareness training to meet the requirements from vendors or to renew their cyber insurance policy. Businesses are doing their due diligence for any relationships that involve sharing or transfer of data, and cyber insurance providers are looking for anything they can do to reduce the chance of having to pay out on cyber/ransomware claims.
3. Implementation frameworks recommend or require employee training
Larger organizations follow the NIST Cybersecurity Framework or ISO Standards when it comes to managing risk. Small to medium Canadian organizations can look to the CCCS' Baseline Cyber Security Controls for Small and Medium Organizations. Regardless of the framework, your organization is following, employee awareness training is part of reducing risk and a recommended action.
4. Training is effective
Another sneak peek stat from our 2021 survey is that 95 percent of respondents said that awareness training helped reduce the number of incidents in their organization. A little training can go a long way.
5. Training can be simple to deploy
If you're looking for a simple, automated solution, our training platform designed for small teams (<50 employees) might be up your alley. Launching a training program might seem intimidating but it doesn't have to be - we have a solution that keeps it simple for you to get started (no IT team even required). We also have a detailed resource full of tips we've gathered from helping onboard customers that guides admins through the various stages of the launch process.
6. October is spooky season
With staff hunkering down after summer vacations, they'll be on board to learn something new to do their part in keeping scary ransomware and phishing at bay this October. Launching a training program now can help prepare your employees for the increase in cyber risks typically seen during the holiday season as well.
This blog summarizes key points from an on-demand webinar! See the full details here.