The Job of an Information Security Manager
Referenced in an InfoSecurity Magazine article from late last year, Risk management firm Kroll found that human error accounted for the vast majority (88%) of incidents reported to the Information Commissioner’s Office (ICO) over the past year: 2124 reports versus just 292 cases that were down to deliberate cyber-attacks. Given that a key principle of the GDPR is that you should process personal data securely by means of ‘appropriate technical and organisational measures’ (aka the ‘security principle’), we took the opportunity – pre GDPR – to review our own requirements for security awareness training; the formal process for educating employees about computer & information security.
After a quick beauty parade, we opted for a local business, Hutsix to provide such an online training platform.
The focus being, to educate and inform the team on the harm that can be done to our network by visiting websites infected with malware, responding to phishing e-mails, storing their login information in an unsecured location, or even giving out sensitive information over the phone when exposed to social engineering. All part of our company-wide security-awareness training initiatives that include, but are not limited to classroom style training sessions, helpful hints via e-mail, and posters … all providing a solid understanding of company security policy, procedure and best practices.
Why mention this now?
We were reviewing one of the Hutsix features earlier today … the management dashboard … a snapshot of our organisation’s security awareness for each user and department across different security topics. As much as all employees being 100% up to date and 100% complete on all modules presented to date is great news, we also recognise that the job of an Information Security Manager is a continuous task … accomplished through ongoing monitoring activities and /or separate evaluations.
We’re already well into our InfoSec training plan for 2019.
Get in touch with us
For more on our data screening solutions, please call:
0330 088 9542
Request A Demo
Schedule a personal demo and learn how our online screening tools and services can help you make quick, informed decisions about the people and organisations you work interacting with.
Need more info? Contact us and a W2 Global Data representative will get in touch with you. We will help you find the right solution, whatever your data needs may be.
Sign up for our Updates
Sign up to our newsletter for updates on our services, business developments and industry trends relating to global anti-fraud, risk management, compliance and KYC.