New e-learning tool targets employee cyber-risk
Aura Information Security has completed the first module of its cyber security e-learning programme…
Information security provider, Aura Information Security, has completed work on the first module of its cyber security e-learning programme – an online training tool designed to help New Zealand businesses raise awareness of cyber-security best practice amongst employees and minimise the risk of security breaches.
The Wellington-based company, which provides cyber security consulting and training to organisations throughout New Zealand, developed the subscription-based tool to help businesses take a company-wide approach to cyber security and reduce the impact of employee error and oversight.
According to Peter Bailey, general manager at Aura Information Security, employees are often the easiest route for hackers to take if they want to gain access to a business’ data.
“Cyber attackers thrive in finding gaps in a company’s armour – whether that armour be made up of people or technology. It’s no longer enough for businesses to put technology and security systems in place, they also need the right policies and training,” says Bailey.
“Aura was recently called upon to assist a critical infrastructure provider that had been targeted by CryptoLocker. Had their staff been through a security awareness course and, in particular, had they been able to spot a phishing email, they may have been able to avoid the negative impact the attack had on the business,” continues Bailey.
The e-learning tool is subscription-based and housed on a customers’ existing learning management system (LMS) or Intranet. Customers pay an annual subscription fee based on the number of employees using it.
There are no limits to how many times an employee can complete the training module, meaning regular refresher sessions can take place throughout the course of the year. New employees can also be added to the module as required so cyber security training can be included as part of the employee induction process.
“One key option that our customers wanted was the ability to train large quantities of staff on-site, in their own time; and in a way that meant everyone across the business got the exact same advice and training. This new tool allows them to do exactly that,” adds Bailey.
The e-learning module, created and managed by Aura Information Security, sits within the Cyber Security by Kordia suite of security products and solutions. Kordia acquired Aura in November 2015 and has since grown to become one of the country’s leading providers of cyber security.
Aura Information Security’s team of experts regularly scan for updates to best practice and security tools, and can update the module remotely to ensure the most up-to-date security best practice is shared with customers.
“When it comes to acknowledging the need for training in relation to cyber security, the larger corporates are doing well and appear to be taking a more proactive approach. It’s the medium-sized businesses that are lagging somewhat,” Bailey notes.
In a recent survey of more than 180 IT decision makers from New Zealand organisations with 20 or more employees, 82 percent of businesses with more than 200 employees felt they had enough tools available to them to educate and assist their business in making informed cyber security decisions. This dropped considerably to just 58 percent for those with 60 to 99 employees.
The survey, conducted by Perceptive Research and Kordia in March 2017, also found that seven in 10 respondents overall stated that their company currently has policies or training in place relating to online security, but the number dropped to 58 percent for medium-sized businesses.
“The key point to note here is that in order for cyber security to become a part of the culture of an organisation, staff need to be involved – not just those in the IT department or senior management, everyone has a part to play,” Bailey concludes.
For more information visit www.aurainfosec.com or www.kordia.co.nz