Member Article

Spotting the signs of a hacker: Psybersafe founder believes improved training in cyber security is the answer

We all know that cybercrime is on the increase, but an astonishing nine out of ten cyber security breaches are caused by end users according to the Information Commissioner’s Office (ICO). There’s plenty of cyber security training out there but most of it misses the key ingredient - behaviour change. Mark Brown, cyber security training expert, behavioural science specialist, and founder of Psybersafe, a new cyber security training company launching in the UK this week believes that now more than ever, as more of us spend time working from home, we need to understand how our sloppy online behaviour at home and in the office can accidentally open the doors to hackers.

Psybersafe’s unique approach to cyber security training encourages individuals to take a hands-on, fresh look at the way we act online and uses a variety of behavioural science techniques to “nudge” us into taking better, safer actions. The training focuses on individual behaviour change and the short, easy, practical sessions cover common issues that allow hackers to easily access business systems including phishing emails, password security, the dangers of using free Wi Fi connections and the importance of changing router passwords. The training has been rolled out in the Banking sector in Belgium and Europe and has proved successful in causing a clear change in end users’ behaviour, causing them to take action and improve IT security in the groups who went through the training.

Mark Brown says:

“The way we act and behave online is the first line of defence for any cyber security system – and too many of us have bad online habits we don’t even know about. With more of us than ever before working from home, we are missing all those little psychological ‘nudges’ in the office environment to remind us to be cyber safe - for example the notice saying ‘lock your machine if you leave your desk’. Now, more than ever, the onus of responsibility for IT security must shift from the IT department to individuals to keep themselves and their employer safe from hackers. Employers spend a lot of money on making their systems more secure but hardly any money on training their employees in understanding how to be safe online. We know that behaviour change theory has been proven to work successfully in bringing about change in the areas like smoking cessation or healthy eating so we thought why not adopt the same psychology for IT security?”

In a research survey of 2000 people using the Psybersafe training programme, the majority of individuals took action after completing their online training sessions:

• After only three short minutes episodes of training, 78% had strengthened their password • 40% of users stated: ‘in follow-up to a Psybersafe episode, I changed the security / privacy settings of my social media.’ • 42% of people said: ‘in follow-up to a Psybersafe episode I changed the password of accounts that were shown to be breached or I deleted the accounts completely.’
• And, 95% of people said they remembered these episodes 5 months later.

Mark continued “The most common entry points for hackers are phishing scams, Malware, Ransomware, Hardware and software misconfiguration and weak passwords caused by individuals but we all now need to understand the danger that our sloppy IT security behaviour can bring and take action to change those behaviours. Our user research has shown that by training people to take personal responsibility for keeping themselves safe and taking action as a result of our training, we can bring about a permanent change in IT habits, keep businesses and staff safe from cyber attacks and ensure that we don’t open a back door entry to criminals .”

Mark has over 25 years of experience working in finance and technology in companies across Europe including the major banking firm BNP Paribas. He specialises in cyber safety and developing technology solutions using behavioural science techniques that help to transform businesses and organisations. Mark has a degree in Psychology and during his career has built similar learning tools to Psybersafe as part of his work with behavioural scientists at University College London’s Centre for Behaviour Change, as well as The Behaviour Change Group in the Netherlands and TNO, the Netherlands Organisation for applied scientific research.

Psybersafe training is already operating successfully in Belgium and Singapore and is available in English Dutch and French.

This was posted in Bdaily's Members' News section by Psybersafe .