Security professionals from financial services recently met at a CybSafe hosted webinar. Hybrid working is not an excuse for more crap e-learning.
- Joseph Krull, former Industry Analyst for the Aite-Novarica Group
- Elizabeth Murray, Security Culture and Awareness Lead at the FNZ Group
- Ceri Jones, Specialist in People Centred Security and Security Awareness
- Martin Smith, Chairman and Founder of SASIG
- Oz Alashe, CEO and Founder of CybSafe
At the start, the experts highlighted the move to hybrid working, and the challenges this brought for security professionals, especially those in financial services organisations.
From managing security in one central site to thousands, security teams had to adapt to support and assist their people.
The panel agreed traditional training is not the right way to keep people secure. To be effective, training should meet people where you find them. It should be adaptable and personalised because people learn in different ways.
They also discussed innovative ways of making training engaging. Storytelling, immersion, gamification, and even linking cyber security with people’s wellbeing during the pandemic. These are all ways security professionals can influence change.
Moving on, the panel discussed how compliance sits within the financial services sector. No one’s questioning the necessity of compliance. But the speakers argued it is only a baseline. Meeting regulations is not a sign that a business is cyber secure.
Further on, the experts spoke about metrics to measure and improve security behaviour. As well as the metrics that can provide false baselines. For example, the number of clicks on a phishing link. Or measuring what people know rather than why they behave a certain way. These don’t show how much risk you’re carrying. Measuring how people behave does!
Finally, the panel explored some of the opportunities for hybrid working. The pandemic has put security at the centre of many organisations’ agendas. It has brought inclusivity for all types of hybrid workers to their attention.
It’s clear for cyber security professionals today, now’s the time to act!
Want to discover more about reducing security incidents in your hybrid workforce? You can watch the full webinar recording here.