Can’t find an answer to your question? Please contact us
CybSafe is a premium e-learning and analytics tool that has been designed to fundamentally improve the cyber security awareness, behaviour and culture within organisations.
CybSafe is customisable so as to suit the needs of each organisation. As a minimum, it provides high quality online training. However, organisations can also opt to have additional CybSafe features, such as analytics and simulated cyber attacks so that they can better understand the levels of people-related vulnerabilities they carry and assure on-going change in cyber security behaviour.
Larger organisations can contact us for bespoke package options.
CybSafe has been designed as much more than a one off, tick-box exercise – because having real and lasting impact on the cyber security culture of your people and your organisation requires more than a standard e-learning course. So, CybSafe is designed to enhance individual and organisational cyber security awareness, drive a culture of good practice and inform decision making.
It also includes a number of additional features all designed to drive culture change and keep organisations informed of the risks they carry.
And, unlike any other cyber security training on the market, CybSafe is CESG accredited. It has been independently evaluated under the GCHQ Certified Training (GCT) Scheme that ensures that it delivers the highest quality and most effective cyber security training available.
Information and cyber security is an issue that is quite rightly attracting increasing attention. Whilst high profile cyber attacks grab the headlines, there are thousands of companies and millions of individuals who are falling victim to information security and cyber security breaches. A majority of cyber security and information security breaches could be prevented though an improvement in security awareness and a more holistic understanding of the people-related vulnerabilities all organisations face.
Our mission at CybSafe is to make people and businesses safer online. It is also to enable businesses to clearly see how intelligent cyber security reduces their risk and saves them money.
We do this so that fewer people fall victim to cyber crime; fewer businesses suffer loss as a result of cyber attacks; and fewer people are vulnerable as a result of their data not being looked after properly.
The team behind CybSafe have, for some time, been addressing high-end cyber security challenges. You can read our story here.
Cyber threats are constantly changing and evolving so 100% safety isn’t something that can ever be confidently claimed.
However, CybSafe will fundamentally change the way your people think of cyber security and improve cyber security culture and online practices. It will also increase awareness and expectation so even though 100% security cannot be guaranteed CybSafe will ensure users have a level of understanding that will demonstrably reduce their vulnerability to cyber attack.
Organisations will benefit from this increased level of protection. And with CybSafe Analytics, for the first time they will also be able to visualise and understand the people-related vulnerabilities they carry with high quality metrics with which to measure their risk.
To learn more about CybSafe, you can view our short, introductory video here. Or you can get in touch and a member of the CybSafe team will be happy to give you more information about getting CybSafe for your organisation.
CybSafe is about changing behaviour and cyber security culture throughout an organisation. As such, it is important that we help users understand why this information is not a chore, but good for their personal security as well as that of their company.
CybSafe has been designed to ensure that it drives this change in mindset. It is accessible, convenient to use and structured in way that minimises imposition. We’ll provide you with resources to help you explain the many benefits of CybSafe that your people will gain, not just at work, but at home too.
We recognise that flexible and remote working practices continue to increase. As such we have ensured that CybSafe content provides information to help keep those that work in this way as secure as possible.
In addition to this, CybSafe itself is accessible via an internet portal or app on multiple platforms - including Windows, iOS and Android operating systems – and multiple devices – including desktop, laptop, fablet, tablet and smart phone.
Accredited CPD training means the learning activity has reached the required CPD standards and benchmarks. It also means that the learning value has been scrutinised to ensure integrity and quality.
CPD certification provides further assurance of CybSafe as a high-quality cyber security and behaviour change tool.
CybSafe complements and supports existing cyber security risk management controls and frameworks.
CybSafe adheres to the Security and Awareness principles in industry frameworks such as the NIST framework.
It also nests into and is fully compatible with CPNI’s Security for Industrial Control Systems (SICS) Framework, which provides organisations with good practice guidance for securing Industrial Control Systems (ICS).
CybSafe supports and complements the UK Government guidance “10 Steps to Cyber Security” - focusing particularly on the element entitled “User Education and Awareness” as part of an organisations Information Risk Management Regime.
It also complements Cyber Essentials, part of the Government’s Cyber Aware initiative (formerly Cyber Streetwise) which provides businesses of all sizes with good standards of basic cyber security practice.
CybSafe supports best practice as outlined in the International Standard ISO 27000 series including the most commonly known 27001 (Information Security Management Systems), and also 27004 (Information Security Management, Measurement).
CybSafe directly addresses a number of points and support government intent as outlined in the recently published UK Government National Cyber Security Strategy 2016.
The General Data Protection Regulation (GDPR) is an EU directive that comes into full force on 25 May 2018. It is aimed at giving customers control over their own data, recognising customers' rights to privacy and ensuring businesses that handle EU subject's data prevent – or at least better deal with – data breaches.
It acknowledges that the data belongs with the individual; individuals are giving a company the licence to use their data when they enter into a contract with them.
GDPR will mean that these contracts will now be underpinned by regulations and legislation that impresses upon businesses the need to reduce the likelihood of data breaches that might put customer data at risk. The GDPR has severe penalties for organisations that lose data - up to 4% of world wide turnover or €20M.
In order to avoid the most severe fines organisations will need to demonstrate that they did all they reasonably could to avoid a data breach. Organisations will struggle to claim this if they haven't put in place an effective mechanism to raise cyber security awareness and change staff behaviour - in essence, addressing the human factor that is so often the cause of a data breach.
CybSafe provides businesses easy-to-use software that enables them to take an intelligent approach to cyber and information security awareness.
This innovative software fuses cyber security awareness training, behaviour change analytics and online threat intelligence.
It provides a simple, GCHQ-accredited and demonstrable way to reduce the risk of a breach, visualise vulnerabilities and demonstrate to the regulator that positive action has been taken.
CybSafe uses applied machine learning and cognitive computing technology to learn and evolve in line with the needs of your business. It is a fusion of TRAINING & AWARENESS | BEHAVIOUR CHANGE & ANALYTICS | CYBER CRIME INTELLIGENCE. CybSafe learns individual knowledge levels, behaviour patterns and the ever-evolving techniques of cyber criminals. It then applies this understanding to ensure CybSafe users are better protected online.
CybSafe is a software tool built on a practical and scientific understanding of cyber resilience and behaviour change.
One of the reasons it is so effective at helping people and businesses be safer online is because it is grounded in psychology and behavioural science principles that can be applied to the practical realities of today's cyber challenges.
What is this psychology?
The psychology that underlies the changing of behaviours is complex and multifaceted. CybSafe's approach is therefore based on theories that acknowledge that behaviour change is most effective when an organisation's objectives are aligned with user objectives.
Whether it is taking advantage of the way the mind works to yield change; (Prochaska-DiClemente “Stages of Change Model" )
Or theories that explore the common circumstance in which people struggle to behave in accordance with their positive desires - despite wanting to; (such as the Value-Action gap theory)
Or theories which explore whether intent (or purpose) is enough to change behaviour; (such as the theory of planned behaviour)
We believe that a cyber security awareness programme that takes an intelligent approach should take theories such as these into account.
They should also be based on an understanding of how attitude, subjective norms and perceived behaviour control all impact intention. And then, how intention impacts cyber security practices.
CybSafe considers many theories and principles and constantly evolves to take advantage of the developments in those that are applicable.
The backbone of the CybSafe software is an analytical engine that provides easily digestible information and insight.
CybSafe uses analytics (the systematic analysis of data or statistics) to develop an understanding of several areas more traditional question-and-answer training would struggle record, let alone analyse.
The analysis covers: levels of user understanding, changes in behaviour, points of vulnerability, areas of risk, relevant cyber threats and user provided insight and lessons learnt.
CybSafe measures and analyses user activity. It then visually portrays the results through graphical displays in a series of dashboards
All of this is carefully designed to help cyber/information security professionals and business leaders make timely decisions and reduce their risk.
Helps to assess and improve the cyber security awareness culture of organisations within your supply chain and helps you stay aware of their status.
Helps you meet many of your regulatory staff training obligations as far as cyber, information security and data protection are concerned.
Demonstrates to customers, partners and regulators that you take the human factor in cyber security seriously.
Provides cyber awareness risk rating that assures third parties of your intelligent approach to cyber security awareness
Helps to assure supply chain by helping you visualise their cyber awareness status.
Provides a mechanism through which you can engage staff about cyber security in a new, interesting and relevant way through co-creation, user generated content and innovative collaboration.
Provides a clear indication of the ROI.
CybSafe is much more than cyber security e-learning training although the training component is key. Rather it is a software tool built on a practical and scientific understanding of cyber resilience and behaviour change. This is because we believe that to help people and businesses be safer online it is important that cyber awareness programmes are grounded in psychology theory and principles that can be applied to the practical realities of today's businesses.
Some of the ways CybSafe provides a ROI include:
Changing cyber security behaviour and reducing vulnerability.
Reducing the likelihood of a cyber breach thereby saving money.
Extracting greater value from cyber security expenditure by making people part of the cyber defence.
Reducing the cyber vulnerability posed by suppliers.
Publicly demonstrating commitment to cyber security and the importance placed on protecting people’s data.
Potentially reducing the cost of cyber insurance premiums and the severity of any fines in the event of a breach.
CybSafe Users are tested to ensure that they have understood, retained and assimilated the information that have been given. Our aim is to change behaviour rather than simply provide information.
Measuring behaviour change is extremely difficult and needs to be done over time however, there are several things that can be done.
As well as more traditional multiple choice test questions CybSafe uses interactive content to test retained knowledge. It also uses simulated attacks such as phishing email, fake-malicious SMS text messages and fake-malware USB stick drops to assess whether CybSafe Users understand the dangers associated with these common attack vectors.
Users that carry out inappropriate actions are ‘re-taught’ the more appropriate action.
These tests are conducted throughout the subscription period (1 year) to ensure that cyber awareness levels remain high.
The core accredited CybSafe training and awareness package covers twelve modules including phishing, social media, public WiFi, malware, data legislation, breach recovery, identity security, passwords and many others.
There are also role-specific and industry-specific modules available to CybSafe users to ensure contextual relevance and understanding.
In addition to this organisations have the option of customising content by selecting which modules their people take if they don’t want to cover all twelve modules of the core accredited course. We can work with organisations to create bespoke modules if there is an area of cyber security training and awareness that is a critical challenge to your industry, sector or business.
Yes! One of CybSafe’s unique features is "Friends & Family" – the ability for CybSafe users to share the short training and awareness videos from the CybSafe modules with up to five family members or friends.
CybSafe is continually updated and improved. As part of this we will alter and amend core module content and information to take into account changes in cyber security threats. All CybSafe users will benefit from this knowledge.
In addition to regular updates based on the latest threat intelligence, you can also opt to receive threat Intelligence and notifications that alert administrators and users to important information and updates.
CybSafe has been developed by a group of specialists with a broad range of expertise. These include:
IT security specialists
national security experts
and business leaders.
Our development team have unrivalled expertise in complex human networks, which means CybSafe is designed with the knowledge and understanding of how to positively influence behavioural change and drive an ongoing culture of good practice to enhance your cyber security.
You can read more about this in our story here.
CybSafe is much more than a standard employee e-learning tool. It encourages and measures retained learning to help you quickly identify and understand the people related cyber security vulnerabilities your business carries and track how these change over time. The additional features drive a level of behaviour change and organisational assuredness that many organisations will benefit from. And Cybsafe is accredited as GCHQ Certified Training meaning that the course materials have been rigorously assessed against GCHQ standards.
CybSafe has been designed to reduce the burden on those responsible for cyber and information security within organisations. The package is automated to reduce administrative impact and the CybSafe Analytics reports are exportable in a format that is ready for presentation at leadership level.
CybSafe is just the tool for organisations with limited manpower and capacity as it brings together so many cyber security awareness functions in one package.
CybSafe is continually updated and improved. As part of this we will alter and amend the content and information to take into account changes in cyber security threat. All CybSafe users will benefit from this knowledge.
Nothing is ever 100% secure. However, the CybSafe team have taken a number of measures to make sure we are following strong security practices:
We minimise the sensitive and personal identifiable data stored by CybSafe - restricting it to only the data that is absolutely necessary to providing our tools.
We encrypt data transfer between your browser and our servers via SSL.
We have implemented robust systems to protect any data that is stored on our servers (all of which are located in the EU).
We encourage you (the user) to adopt good practices with regard to password use.
We have submitted CybSafe and its infrastructure to independent penetration testing, to ensure it has strong defences in place.
All information you provide to us is stored on our secure servers. Password details will be encrypted and you are responsible for keeping your password confidential. We ask you not to share a password with anyone.
Whilst the transmission of information via the internet is never completely secure, once we have received your information we will use strict procedures and security features to try to prevent unauthorised access. You will note that we ask for minimal personal data with little, if any of it, considered by most to be sensitive.
Your results, and those of your company, can only be seen by your nominated company administrators, a small group of CybSafe administrators and the CybSafe development team.
CybSafe organisations also have the option, through the CybSafe Analytics package, to be able to compare their data averages with anonymised industry data.
CybSafe licenses are issued for a fixed term of 12 months, renewable annually, with a 90-day notice period.