What are the challenges in bringing across a message of cyber resilience across an organisation?

“The way we adapted was…moving as much as we can to fit the situation we find ourselves “

 

Nick Harris, Global Head of Information Security at Oxford University Press talks to Sooraj Shah about how security awareness and resilience messaging moved into different forums to give colleagues the skills to work securely from home.

Nick will be speaking at the teissR3 | Resilience, Response and Recovery summit taking place online, 15 – 24 September.

This year, the very popular teissR3 event focuses on how to improve your organisation’s cyber resiliency and adopt best-practice in incident response and crisis management in a post-COVID-19 world. Space is limited. Register your free place by clicking here.

Video transcript

So in terms of the challenges that you’ve had in bringing across your message of cyber resilience across the whole organisation, what have they been?

So particularly around resilience of our staff, allowing them to keep us secure, allowing them to have the skills, knowledge, awareness to do that, usually we would be able to join particular forums and in person, explain our message, what things cost, would be able to set things up, standards as it were, even to the point that staff would see posters in the office, awareness type material that would reinforce the security of their organisation and an ongoing resilience.

Things that they could do to continue to access information or even down to sort of password rules. And simply, that was taken away from us very quickly. The way we adapted was like everyone has, really, moving as much as we can to fit the situation we find ourselves.

We had a project to change from an annual training and compliance effort to something that we could provide on demand videos and awareness material, targeted campaigns, a new identity, an identity interestingly that we intentionally aligned with the business continuity project’s identity. So their objective was to keep the organisation going.

Well, our objective definitely pulled into that. So we felt an identity that was similar, really kind of aligned with us. And by having that identity and this sort this new training awareness, we increased our Yammer posts, our newsletters, to twice a week, within the bounds of the capacity within the team to reach as many people as we could.

We put a lot more content through different forms that were being held, taking advantage of webinars or internal briefings, anywhere that we could use the audience to get our message through and give them what they needed, which was essentially the skills and the security to work from home.

And it was not done alone at all. Like I said, doing, it with the business continuity effort to do a much wider remit but we are definitely supporting. Our messages were aligned and we were coordinated in our approach. And equally using, what we had was luckily a very effective internal controls internal communications team, who were able to support us, help us with the content, and get to the right audience.

Copyright Lyonsdown Limited 2021

Top Articles

Is your security in need of an update this Cybersecurity Awareness month?

Cyber security experts tell teiss about the evolving threat landscape and how organisations can bolster their cyber security defenses

A new case for end-to-end encryption

How a hacker group got hold of calling records and text messages deploying highly sophisticated tools that show signs of originating in China

Telcos in Europe put muscle behind firewalls as SMS grows

Messaging is set to be one of the biggest traffic sources for telcos worldwide prompting them to protect loss of revenue to Grey Route practices 

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]