Opinions on security predictive behaviour
Robert de Haan
Information Security Consultant @ Cypro | Cyber Security Risk and Compliance
I’m sure you heard the theme many times over the past few years that the best ROI for cybersecurity spend, comes from investing in your people’s security awareness.
Supporting quotes from the article below. According to the first Notifiable Data Breaches (NDB) quarterly report, published by the Office of the Australian Information Commissioner (OAIC), 63 notifications were received during the first six weeks of the scheme………….Out of the 63 notifications received, 51 percent “indicated” that the cause was human error, 44 percent were the result of a malicious or criminal attack and three were the result of system faults.
There are more details in our blog post on the subject.
https://layer8security.com.au/majority-of-reported-aussie-data-breaches-caused-by-human-error/
LAyer 8 Security has developed an innovative Framework to address human behaviour and awareness program measurement. We have been very successful in achieving meaningful results to date allowing us to identify issues with behaviour, attitude, impacting culture and understanding of the principles as it pertains to security awareness programs.
We are now looking to develop a component to address “Predictive Behaviour” as it pertains to how people will respond in the future, given external and internal influences. Hopefully, we will be able to predict the actions of people before they undertake malignant or benign activities regarding security.
We are looking for any CISO's and CIO's who might be interested in providing us their thoughts and opinions on how this might assist organizations within specific markets.
We understand how busy you are, and as such, in appreciation, we would also like to offer a purpose-built questionnaire to help you get an initial baseline of your organizations current cybersecurity state.
It is a complementary service known as the Cyber Security Knowledge Survey with a comprehensive report of the findings at the end. This report will provide you with how people understand the principles of security, who has deficiencies, what areas people need further assistance and what level of attention people pay to these topics.
If you are interested in assisting us, please contact me at [email protected]
Fraud Risk Management, GRC, Asset Protection, Investigations, Crypto Risk Management. Enabling young and aspiring practitioners.
6 年Thank you for coming forward with this important topic.? Please consider building in choice architecture into your predictive tools.? Look forward to learning more about your framework. Chris Cubbage