Training: the route away from all evil. We frequently quote the finding of Verizon that 85% of cyber breaches involve a human element, whereas only 3% exploit system vulnerabilities. In other words, your people are not just your greatest asset: they’re also your greatest threat. And if they’re already stretched, as many of our colleagues in the health and social care sector are, they’re less likely to be thinking through cyber threats for themselves.
Here at SWCRC, we regularly signpost our members towards a variety of free training offers. With an eye to our current focus on the health sector, we thought we’d signpost some of that for you, so you have somewhere to get started in a spare half hour. Let’s start with the National Cyber Security Centre. Heard of it? – it’s the amazing government agency which sadly only 1% of businesses quote as their go-to source for guidance, a lot less than the number that pay the private sector. If you’re focused on patient care, we’re betting that researching agencies like this may not be at the top of your list.
The NCSC have two core offerings which we always mention. The top tips for staff is a great e-learning piece which give people a good grounding in the basics of what to look out for. We’ve all completed it, and we think it’s especially relevant for those part-time people who might be with you for a limited time each week, but still have access to your core systems. Make it part of your induction. And the training for small organisations and charities gives business owners a really simple idea of what they can do to keep things safer. Both of these offerings can be run as standalone sessions via the web, or lifted and shifted into your own company front end to give an air of corporacy.
We also regularly put our members in the direction of existing policing teams. You may not know it, but all of the local forces have their own team of expert, trained officers who spend a huge amount of time talking to local businesses about being safer. Where they have the time left to do so, they’re often happy to talk to you and your staff too. And complementing this offer, the regional police team runs a regular programme of sessions targeting business owners and managers, to walk them through the complexities of cyber security. All of it is free.
SWCRC does of course also provide what we think is an important free offering. Every month, we put together a list of the latest scams: things to look out for, things to update, and things to delete. It’s the central part of our free membership package, which you can sign up to at www.swcrc.co.uk/membership . Rather uniquely, we don’t then try to sell you services, because we’re funded by the Home Office and some rather generous public sector partners. If we can do it for free, for will: and if you need something really bespoke, then we’ll do it as inexpensively as we can.
Which leads us onto the final training piece. We work with selected ethical hackers drawn from the region’s top universities. From postgraduate level down, they understand how criminals seek to get into your systems, and how they work to compromise your security, because they have a hands on approach, and in some cases, years of work within the cyber industry already under their belts. So if you need something particularly bespoke, we can work with them to develop a tailored training offer, that talks about the specific threat to your company or sector, delivered in a way that suits you. The healthcare sector, for example, has come under particularly sustained threat over the last year, and remains a prime target. Because it’s only right that we pay our team for their time, there is a charge for this work. But our whole purpose is to support small businesses and charities, which is precisely why we try to provide the training in such an innovative way, keeping it uniquely affordable.
If you want to talk more about our training offer, please come and visit us at www.swcrc.co.uk, and take advantage of our free membership. We’d love to make you safer.