- 62% of CISOs attending the Financial Services Information Security Network said they were prioritising security awareness in their business
The Network Group Events, alongside information security experts including ethical hacker Jamie Woodruff and former Rothschild & Co CISO Naveen Vasudeva, has called on the Government to invest in security awareness measures. The Group, which runs the annual Financial Services Information Security Network event that is attended by CISOs from the FTSE 250, wants the Government to use part of its £1.9bn National Cyber Security Strategy budget for a public awareness campaign to educate people about cyber security best practice.
The news comes alongside statistics from The Network Group Events, which polls financial services CISOs each year, showing that 62% of c-level information security experts see security awareness management as an investment priority.
Security awareness training involves educating employees to help them better identify and avoid malicious cyber activity or recognise a potential cyber-attack. Recently cyber security experts from the National Crime Agency and National Cyber Security Centre warned of a rise in so-called ransomware attacks, where an individual’s smartphone, television or other gadgets are held to ransom over personal data.
Jake Summerfield, Managing Director, The Network Group Events, said, “Despite investment in new systems and processes designed to combat the cyber threat, humans remain the weakest link in most security plans. Whether it’s using an infected personal device in a private network or clicking on a malicious email, it only takes a simple action to cause a breach that can render cyber defence systems redundant and leave company data at risk.
“The Government has already pledged to spend £1.9bn on tackling cyber-crime in its National Cyber Security Strategy. At The Network Group Events, we want to see a proportion of this budget used to kick-start a public campaign which raises awareness about cyber-security best practice and how individuals can keep their devices protected. From our close work with information security experts at the Financial Services Information Security Network, CISOs are also considering the benefits of security awareness programmes, with nearly two-thirds of our attendees telling us it was one of their investment priorities.”
Naveen Vasudeva, former CISO, Rothschild & Co, said, “Whether it’s a small business or a global financial institution, ensuring employees are aware of and are able to spot cyber threats can be vital to a company’s future operations. It’s very easy for a team member to unknowingly infect a private company network just by clicking on a bad link that downloads a virus onto their phone or tablet device. Education is key is to avoiding such scenarios, raising awareness with employees and the public on how to spot the red flags of a potential cyber-attack or content infected with malware.
“If the Government is serious about cyber security, as well investing in the technology to prevent malicious attacks we need an active approach to raising awareness about cyber security best practice and the threats of an infected advice with the public.”
Jamie Woodruff, prolific hacker and IT security expert, said, “With recent high-profile cyber-attacks like TalkTalk and Lloyds Banking Group, it’s all too easy to forget that in many cases members of the public themselves can be the Trojan horse for a hacker.
“An infected personal or work device can be an easy route for a cyber-criminal to gain access to a private company network. It’s therefore vital that companies and the Government work together to invest more in making individuals, whether it’s their employees or the public, to be more aware about potential cyber threats.”