At Cygenta, we love Cyber Security Awareness Month. It’s our busiest time of the year and we have so much fun supporting clients around the world with amazing, engaging cyber security activities. In October 2021 alone, we delivered live cyber security awareness sessions to more than 15,000 people in over 10 countries.
We reached across multiple sectors including financial services, professional services, healthcare, education, property and construction, defence, technology, government, and insurance 😅
Thank you to everyone who attended our sessions, and every client who brought us in to deliver awareness-raising messaging for their colleagues. We know that, when you do that, you’re trusting us with an important responsibility. We work hard to do it justice and to help you have the impact that you work so hard to achieve.
And we all know that cyber security awareness can’t just thrive in October. It’s an ongoing process, not an end-state that you can do once, and tick ‘done’.
Maybe you’ve had a great month and want to keep momentum going with your cyber security awareness-raising. Or, maybe you haven’t achieved what you would like to this month, and are wondering what you can do to raise the bar. Perhaps you’re somewhere in-between. In this blog post, I'm sharing a few simple ideas to support cyber security awareness, all year long.
Momentum for Your Awareness Programme
Express Thanks
A simple thank you is a nice way to show your gratitude for engagement, helping people feel appreciated. Positive reinforcement is a core tenant of a healthy, restorative, and proactive security culture, so why not start by saying thanks? You could share a blog post, remind people of any recorded content they can revisit, or record a little video thanking people for engaging in the activities over the month. Remind people where to access key guidance and perhaps share positive statistics from the month, such as how many people joined live sessions or how many questions were shared with the security team.
Deliver Bitesize Communications
Little and often goes a very long way when it comes to awareness-raising, so planning some bitesize regular communications is perfect. We get great feedback from our bitesize awareness videos, which are fun, informative, and accessible at just a few minutes long. Contact us to find out more.
When we deliver awareness-raising sessions, we always leave the participants with key takeaways. These takeaways can then be used as the basis of further communications, to reinforce the messaging and remind people of the call to action. The little image below is one example; feel free to download and share with your colleagues or loved ones if helpful.
A common theme to live cyber security awareness-raising sessions? People always have a lot of questions about cyber security, which they have probably not had much opportunity to ask before. Following up with folks who asked questions, or sharing the Q&A more widely, is a great way of reinforcing messaging. That’s why we’re going to regularly share a brief ‘Ask us Anything’ document, answering questions that we receive in the awareness sessions that we run for clients. You are welcome to download and distribute these Q&As, starting with this one:
You can download a pdf of the Ask us Anything document here:
If you’d like to receive a new ‘Ask us Anything’ document on a regular basis, sign up to our mailing list. And feel free to contact us with any questions you’d like us to cover!
Making use of our Ask us Anything document is one of many ways you can make the most of existing content. You could also share news headlines, interesting blog posts and reading (or listening!) recommendations with people in your organisation – even set up a book or film club.
Share Resources for Non-Security Professionals
Speaking of common questions, we are often asked in awareness sessions where non-security professionals can go for more information on cyber security. Some of our favourite recommendations are:
Confident Cyber Security: How to get started in cyber security and future-proof your career (yes, it’s my book so I’m biased – but don’t just take my word for it, check out the Amazon reviews)
Crime Dot Com: From viruses to vote-rigging, how hacking went global by Geoff White, which is a fantastic combination of detailed yet accessible; it brings to life some of the biggest hacks of recent years
8 Steps to Better Security by Kim Crawley, which distills cyber security priorities for businesses into eight steps; this is a readable, practical book drawing on Crawley's wealth of knowledge in security
Smashing Security podcast for the most fun people can have talking about security, it’s informative and hilarious (and I always love a chance to be one of the guests, like this week when I was invited to be on their 250th episode 🥳)
Dark Net Diaries podcast for those who want to know a bit more about the people on the good and bad side of cyber security (why not start with FC's episode?)
Build a Community
Another great way of keeping momentum going is to launch a cyber security champions programme. A community of champions can really help scale up your awareness-raising efforts and improve two-way communications between your security function and the rest of your organisation. If you’re wondering where to start with a cyber security champions programme, our Champion Leader Framework is just what you need: this month we made it easier than ever (and more budget-friendly!) to access our Champion Leader Framework with the launch of our online course: How to Set Up a Cyber Security Champions Programme.
Speaking of launches…. We have a series of exciting offerings coming in 2022. Each one will help you scale up your awareness-raising activities, promote security behaviours and continue to develop a positive and proactive security culture. If you want to be the first in the know, sign up to our mailing list – or watch this space 💜