From 2003 until 2007, I was a penetration tester. It was during that time that I realized people were the weakest link when it came to cyber security. Hackers, like most people, tend to choose the path of least resistance when they compromise the security of organizations, and that path is more often than not through people.
When I went into those same companies with my PowerPoint slides to teach people about cyber security, I thought it would be my time to shine. I thought everyone would love to hear what I had to say. To my surprise, this was not the case and I soon felt that I was almost sucking people’s will to live out of their eyes. That’s maybe a little bit too dramatic, but my lecture was just that boring to them.
In 2007, after one of these presentations at a pharmaceutical company I started to think, there has to be a better way to get the message across. I discussed this problem with my wife, Helga Bjorg Steinthorsdottir who is an HR specialist, and together we founded AwareGO. First and foremost it was founded on the idea that we wanted to help train people differently, remove all shaming and blaming from the training curriculum and give people a chance to get invested in their own cyber security. This is the foundation behind everything we do here at AwareGO.
I believe that we the humans are the best virus protections ourselves if we are made aware and reminded constantly on different threats.
My mission is to turn every employee into a cybersecurity taskforce by educating them in a fun and efficient way.
How to engage employees in security awareness training
After about 30 years of companies being connected to networks and the internet and about that long dealing with cybersecurity threats, one thing is absolutely certain: the best way to secure your network and keep your data safe is with aware employees.
What is cybersecurity awareness?
Cybersecurity awareness is more than simply knowing about cyber threats. It’s a series of trainings, policies, and actions that lead to a higher level of security in your business or organisation.
4 Key Facts You Need to Know before You Start Your Security Awareness Training
Spear phishing is a specific cyber-attack that is aimed at an individual or individuals that are associated with an organization.
How GDPR compliance will help your company
Did you think GDPR compliance was done at your company once you got your mailing-list subscribers to opt-in? Or once you fixed a few things on your website? From now on it is your organisation’s duty to protect any and all personal information you client or subscriber might give you.
Why phishing simulations aren’t on our menu
Through many clients and partners, we have gotten this question: “Do you offer phishing simulations?” The answer is no, although we do understand why they’re asking. Or is there something else you could do instead?