How are you communicating best security practices with your team now and what has changed?

“The thing we try not to do is to barrage people with information.“

Ben Aung, global CISO at Sage, talks to Sooraj Shah about the importance of a highly usable knowledge base for cyber security best practice.

Ben Aung was a speaker at the very popular R3 cyber security conference, which ran from 15 to 24 September 2020. If you missed it, then it’s not too late: you can still watch on demand.

Video transcript:

How are you and your team communicating security best practises to colleagues now? What’s changed?

So we’ve used all the usual kind of mechanisms. So we’ve had internet articles, we’ve sent emails. We’ve engaged directly via management chains and business units. I think the thing that we’ve done, or we try not to do, is barrage people with too much information. So where we can avoid it, we’ve not created completely separate channels for security information. We’ve tried to use existing channels that were designed to support colleagues as they transition to working from home, and then working from home during lockdown. And then use those channels, those same channels, to emphasise and reiterate some of the security best practises. And they make it very, very easy to find what the origin is. So if anyone’s looking for an answer in terms of what they should be doing in a certain situation, then it’s very, very quick to find, very intuitive, and simple for everybody.