October is Cyber Security Awareness Month!
A lot of our clients are busy preparing events and internal campaigns to increase awareness of cyber related issues in October. However with limited time and too many options, it can seem like too much to fit in to your schedule.
Here are 3 steps you can take to make Cyber Security Awareness Month a big success in your organisation.
Pick a theme
This is an important first step. Cyber security is a huge topic and breaking it down into key themes for your staff can be a great way to get buy-in. The official Cyber Security Awareness Month themes for 2019 are Own IT, Secure IT, Protect IT – but you can use any theme that works for your company. A few of the most popular ones to consider are Social engineering (including phishing), Wi-Fi safety, avoiding online scams, data privacy and protecting your home devices.
Pick one theme or pick many. The main thing to remember is that the themes should relate to the security concerns of your organisation. Where possible, make them personally relevant to your staff too.
Ideas to make it fun and informative
After you have chosen your themes, make sure your events are informative and in line with your company security culture. Cyber Security Awareness Month is a great opportunity to reinforce learning that has already taken place throughout the year. For learning to become ingrained all humans need it reinforced, so don’t be afraid to cover existing messages – try and find a new spin or angle on what you did last time.
Making the events fun and accessible will ensure they are well attended. Involving key clients and suppliers can also be hugely beneficial to both your corporate image and their security.
Some ideas for fun and informative events that we have seen work well:
Guest Speaker: Bring in a guest speaker for a “lunch and learn” session. Find someone who can really bring the subject to life and is a confident and engaging speaker.
Internal panel Q&A session: Get a panel together from different departments and talk about the need for security and the challenges it poses. Staff can submit questions before and during the panel. Find the right people and you will get a lively and healthy debate going!
Courses and Workshops: Run some special courses or workshops on cyber security for your security champions or as an open sign up. One of our clients got us to run our GCHQ cert Social Engineering Course, while another provider ran an escape room. Both were oversubscribed and were a huge success!
Cyber-attack simulation: Put your staff in the driving seat. How would they handle a cyber-attack? Seeing the consequences that can flow from even a minor incident will help staff realise the importance of prevention.
Gamification: Run quizzes and games where staff can win prizes. This is great for generating awareness of the events you are running in October. Many people love competition, either one on one or team against team – You might be surprised how much extra engagement this generates!
After all the cupcakes have been eaten and all the events are concluded it is time to reflect on the success of your event. Send out a survey covering all the learning points you focused on during the month. This will help you assess how much everyone enjoyed the events but can also test that learning has taken place. Send out a short report or infographic on everything you did during October and the feedback you received. This will help reinforce learning and will form a useful starting point for Cyber Security Awareness Month 2020!