People & Communications
It is widely recognised that people are one of the primary challenges to effective security; whether from the errors, overlooked security requirements, lack of awareness or the malicious insider, almost all security incidents have a human element to them. Many organisations focus on user training and awareness; they often do so using a ‘one size fits all’ approach and the results are seldom lasting. Our approach to training and awareness programme development is tailored to be relevant to the community of users & their roles in the organisation. We have also successfully leveraged data from psychometric testing that organisations have performed either as a part of employment or during internal development programs to tailor our programmes.
While building a robust, sticky and effective approach to training of employees is important, it is also valuable to focus on the personal effectiveness of the security team. Often seen as ‘the naysayers’ in the organisation, security leaders and their teams often lack the ability to influence senior business decision makers and operational staff. We have worked with a number of security teams and leaders to assist in their personal development, focussed on building a collaborative, teaming and effective environment that helps have more of an impact on their organisations. In particular we use an Internal Consultant approach to developing individuals that have empathy with the business. We can help with:
Board and senior stakeholder level engagement and clear business focused messaging to enhance credibility and deliver business insights;
Team working to improve the way in which security teams communicate and work together to improve retention as well as benefit from diverse opinions and approaches across team members;
Personal effectiveness including assertiveness, feedback skills, negotiation, conflict resolution and presentation skills to improve team members’ ability to operate with the business and IT peers on a 1-1 level with courage and integrity;
Ongoing coaching support for the security team: an independent sounding board for CISOs and security leaders, helping to continue their personal development.
We see these as transferable skills not just for business, but for life; our people focused approach is both a foundation and a differentiator in the way that we address traditional security challenges. This results in lasting change and really helps our clients to improve cyber security.