One of the ways to minimise your cyber security insurance premiums is to have a solid staff InfoSec awareness program in place. In practice, this is easier said than done. The cost of having specialist and experienced cyber security awareness professionals on the payroll is a luxury few organisations can afford. That’s why MetaCompliance developed a real world methodology for implementing a cyber security awareness initiative called “Generating Change Through People”.
This is a multi-phase awareness change management program that is tailored to the needs of each client. In our experience whilst the threats and risks to most modern organisations are broadly similar, the make up within each customer differs significantly. Apart from industry specific regulation and legislation, the three main differentiators of an organisation's approach to cyber security awareness are tone, appetite and digestive capability.
The first concerns the tone from the top, which is the executive sponsorship. The second is based on the culture of the organisation and the appetite particularly among senior management and the IT department to change how they operate. The third issue concerns the volume of project traffic in an organisation. It’s much more difficult to change a cyber security policy at the same time as an office move or the implementation of a large system like CRM. Staff can only digest so much managing and training from the organisation at once. MetaCompliance is a catalyst for change in jump starting or reawakening your internal cyber security awareness program.