Framework for cyber security awareness training

 In News

ASA​UDIT announces a discounted price framework for cyber security awareness training services for the South African Higher Education sector.

The cyber security landscape is constantly changing – phishing and ransomware are compromising organisations and people every day. Universities are a prime target for cyber-attackers due to the large population of users as it only takes one person to open a Phishing email, download an attachment or click on a link for the institution (or person) to be compromised.

Listening to our institutions most of them do not have the budgets available to invest into every area in their IT security infrastructure to prevent attacks. Even with extensive investments, the weakest and most vulnerable layer of defense in any organisation are the users. Many of the recent successful cyber-attacks which have crippled Universities, caused severe financial loss and damage to reputation – have been as a result of phishing.

Providing user awareness of cyber-attacks, what they are and how they affect work and home life, is crucial to help reduce the overall risks of phishing attacks. To help promote user awareness and to support our university’s in the prevention of phishing attacks, we are pleased to announce that we have negotiated a discounted price framework with KHIPU Networks for their cyber security awareness training services exclusively for the South African Higher Education sector.
        
Cyber Security Awareness Training Service

The consultancy led awareness training service provides a complete and tailorable package to help prevent phishing attacks by identifying your risk (how vulnerable is your university to phishing) and through user education. The service includes the following:
        
Simulated Phishing attacks:

  • Simulated phishing emails that can be fully customisable to meet different requirements and real-life scenarios
  • Simulated phishing websites that can be made to look like the University’s domain, website, intranet etc

What is at Risk: Understanding how the University reacts to a simulated phishing email attack.

  • Infrastructure: Did firewalls, email spam filters block the attack
  • Processes: How did their users / IT helpdesk etc react to the phishing email
  • Users: How many people opened them, clicked on the web-links and were compromised (shared information via simulated phishing website)

Management reports:

  • All findings from the simulated phishing attacks including number of opened emails, clicked on links and compromised users
  • Recommendations on training, processes and security infrastructure (configuration and solutions)
  • Best practices for cyber security and attack prevention

User education: Enable the right type of cyber security awareness training to users so they are aware of phishing and know what to do if an email looks suspicious:

  • On-demand education emails and landing pages to promote staff awareness on cyber security and phishing
  • Training interactive quizzes, tests and video
  • “Cyber Security 101” Classroom training: Onsite and virtual (online) option​

Ask North-West University – Why Cyber Awareness Training is so important

Our organisation like many others, is constantly dealing with cyber threats and attacks. When you have such a large number and diverse range of users, it’s likely that an attack such as Phishing will be successful, causing major problems such as crippled networks, confidential data leakage and damage to reputation. Whilst you have to invest into the right technologies and solutions to protect against these attacks, it’s not always possible due to budget constraints. Even with heavy solution investments, it’s still the users who are the last point of defense against any attack.

One of our key approaches to address cyber threats, is to provide awareness training to our staff. Using Khipu’s Cyber Security Awareness Training service, we now have visibility of what the risks are to our organisation in the event of Phishing attack, so that we can provide regular awareness training to improve our security posture. By educating users on what the risks are around Cyber Attacks, the implications to them both personally and at work, and how to identify Phishing will reduce our risk of a successful attack. We are already seeing improvements in staff behavior and it’s only early stages of the service”.

​Boeta Pretorius, Chief Director of IT, North-West University