Addressing the human aspects of cyber security

Companies can field the latest IT security technology, but they should remember that humans are the ideal target for cyber-attacks. In a world of growing online threats, how can all staff be made fully aware of cyber security in their daily tasks? One solution is to foster secure behaviour among staff and customers, a key part of any comprehensive security strategy.

Cyber resilience is achieved when people, processes and technologies operate in harmony. People are resourceful and at the heart of every organization. But they make ideal targets for cost-effective cyber-attacks, as was highlighted in the EU Agency for Cybersecurity 2018 report on Cyber Security Culture.

Behaviour transformation requires individuals to have knowledge about security and risks, plus access to security controls with excellent usability. What staff need are a positive attitude towards their company and its security, plus the motivation to act securely.

Our solutions

We offer a combination of solutions tailored for your organization’s needs and your situation’s criticality. They range from advice through to the implementation of our human-centric security framework.

Your path to an effective security culture may include a selection of SMC Consulting’s Security Solutions, which we deliver in three ways: Expertise (or advice), Project or Managed Service:

  • Integrate our State-of-the-art Human-Centric Security Framework including reliable & tangible metrics, and a risk-based process designed to specifically address the needs of behaviour and cultural changes.
  • Assess and improve your security culture: Security culture surveys, 360° assessment of your security environment, media and supports to explain security risks and expected behaviours, and internal communication advice to tailor your security.
  • Transform your people’s security behaviour with our educational activities like phishing exercises, serious games, security awareness bootcamps, specific trainings for high-risk profiles, and team building events around security and any other activities.
  • Measure security awareness & educate at the same time: We perform password strength tests, phishing tests, physical penetration testing, tailgating, social engineering and other activities to ensure your metrics are tangible and represent an actual risk level.

Changing your organization’s cyber security culture – one nudge at a time

Based on our latest research in cognitive sciences and social psychology, our solutions use the perfect mix of education, influence, nudging and creativity to achieve optimal impact. You can achieve a return on investment some 3 to 10 times bigger with our scientifically tailored interventions, which blend technology and behaviour, compared to a traditional intervention.

With this new security mindset, you will enjoy numerous benefits:

  • Better compliance with your security controls, fewer incidents, and your employees becoming more accountable for security.
  • Increased agility: security becomes streamlined and embedded in your processes and solutions.