Target Audience
-
- Company Security Officer (CSO). Neptune P2P Group offers CSOs the ability to manage the company's Cyber Security Awareness training, being able to oversee staff training progress. CSOs are also able to run phishing campaigns - or if you prefer, Neptune P2P Group can do this for you.
- All Staff. All employees from senior management to a data entry clerk - anyone with access to a company computer or data.
Course Methodology. Online - fully automated. The training awareness modules can be accessed and completed at a time of an individual is choosing. The 20 x modules are generally between 5-10 minutes in length.
Course Aim. To improve a company’s Cyber Security Awareness to mitigate against the threat of a cyber-attack.
Course Syllabus
- Business Email Compromise
- Cyber Safe Travel
- Cyber Safety at Home
- Cyber Threats
- Executive Training
- GDPR
- HIPAA
- Incident Response
- Information Protection
- Insider Threat
- Malware
- PCI DSS
- Phishing
- Physical Security
- POPIA
- Social Engineering
- Social Media
- Surfing the Web
Learning outcome. Cyber Security Awareness Training is the process of educating employees to understand, identify, and avoid cyber threats. An effective cyber security awareness training program addresses the cybersecurity mistakes that crew and staff are vulnerable to when using email and the internet. The ultimate goal is to prevent or mitigate harm—to both the organisation and its stakeholders—and reduce the human element cyber risk.
Background Information
Cyber-attack example - costs UK company £4.4m
In March 2020, as the UK locked down at the start of the COVID-19 pandemic, an employee at British construction firm Interserve received a phishing email, which they forwarded to a colleague. On 1 April that colleague opened the email, unleashing its payload of malware. Interserve’s IT security systems detected the malware, and the company took action to remove the malicious files – but failed to sanitise the initially infected laptop. The attacker retained control of that laptop, and on 3 April gained access to a server. The attacker ultimately took control of 283 systems and 12 administrator user accounts by early May. In the process, they compromised data relating to 113,000 current and former Interserve employees. The UK’s Information Commissioner’s Office fined the company £4.4m, the fourth-largest fine in the ICO’s history – because of the firm’s consistent lack of risk management and unsatisfactory Cyber Security Awareness.
And it happens at sea too!
The threat is as real at sea as it is on land. IMO Guidelines May 2021 highlight that “Regulations and laws are being brought in that will require owners, operators and managers to consider cyber risks, such as the IMO Guidelines on Maritime Cyber Risk Management (ResolutionMSC.428(98) and the IACS Unified requirements on Cyber safety, E26 and E27.” E26 aims to ensure that the equipment onboard and ashore is updated and covers five key aspects, equipment identification, protection, attack detection, response and recovery. E27 aims to ensure system integrity is secured and hardened by third-party equipment suppliers.
Don’t risk your business or reputationIn 2017, a well-known shipping company suffered a cyber-attack, taking its tracking operations and logistics offline for three days. Almost 50,000 endpoints and thousands of applications and servers across 600 sites in 130 countries were affected. There was a suggested loss of up to $300 million.
Address your Cyber Security vulnerabilities
Tackling your Cyber Security weaknesses will enable you to:
- Mitigate against data breaches and cyber attacks
- Reduce vulnerabilities and subsequent risk
- Operate within IMO Guidelines
Educate your crew and port staff with Cyber Security Awareness training programme
95% of successful breaches are down to human error. Building awareness and a more cyber secure culture is key to reducing the human risk factor of cyber risk:
- Build a cyber secure culture through Security Awareness Training
- Automate training deployment to all crew over 12 months
- Test crew members awareness through simulated phishing
- Pull reports to track crew engagement, progress and performance
Train your crew and port staff to spot cyber security vulnerabilities and attacks with our cyber security awareness training program.
Neptune P2P Group is an international private security company offering security risk management, maritime security, protective services, intelligence, and training. We have been protecting organisations operating in high-risk environments, on land and at sea, worldwide since 2009. From maritime security for vessel protection to security risk management consultancy, planning and training, we are here for you 24/7.
