Cyber Security Mandatory Training 2022
It has been a year since we have been in touch with you all about this so here is the latest.
Should you have any questions please do not hesitate to contact Tomasz or Roger from ICT. How you want to do this is completely up to you: Teams, Email, Phone, in person.
You will all soon receive an email with this information as well:
We continue to be at risk of attack
Phishing campaigns, ransomware attacks and the resulting data breaches have become increasingly common in recent years. Even more so in the current climate when so many of us are working from home.
Please see the BBC article on Gloucester Council suffering a cyber attack
https://www.bbc.co.uk/news/uk-england-gloucestershire-60045060
The government has recognised this issue and Mole Valley have successfully won a grant to further bolster our cyber security defences.
How good are we at recognising Phishing emails?
We have been sending phishing test emails for the past 12 months.
Around 2% of us are failing the phishing campaign each time. The worrying part is that on average 4 of us are giving away credential details each time as well. That will have a disastrous outcome should it be a real phishing email.
Although this is better than our initial test (before mandatory training) of 11.3% and we see the numbers decreasing each time we need to improve in the future and aim to get 0%.
The Importance of Security Awareness Training – Doing your part
It is imperative that we continue to raise awareness of this issue with all staff, and to achieve the above goal we continue to work with the company called KnowBe4 to provide necessary training.
Action: Compulsory Training for you
Everyone will soon receive an email from ICT Service Desk do-not-reply@eu.knowbe4.com with a link to a compulsory Security Awareness Training on the KnowBe4 website.
The training course is called Compulsory Security Awareness Training – March 2022
Here is an example of the email you will receive from KnowBe4:
Please do not delete this email.
The training portal can also be accessed directly from https://eu.knowbe4.com/auth/saml/5207b3e4bfa2
To authenticate, you use your normal email address – it’s single sign on, so no password is required – much like Molly
This is a compulsory 30-minute interactive module which you will have one month to complete.
You will receive scheduled reminders about the training.
You will also be able to find extra training and interactive games in your portal should you wish to broaden your knowledge further. These are optional.
Action: ICT continuous testing
We are going to continue sending simulated phishing tests regularly so you can all test the skills you have learnt.
If you fail these tests, you will be given more training to strengthen your knowledge.
We will naturally be reporting back our findings to SLT on a regular basis.
As usual, should you have any issues or questions, please do not hesitate to contact us via the Service Desk portal on Molly.