A Helsinki-based company called Cult Security Oy is busy creating a new, innovative and cost-effective way to strengthen protection of any organisation against cyber crime and human error. Their team of expert security professionals have developed an application called CyberCoach that provides the training, 24/7 support and data an organization needs to protect their employees and their business online. Two of the founders of Cult Security, Maria Bique and Teemu Turunen are in the above photograph – Mikko Toivanen, the third founder, was missing when the photograph was taken.
It has never been so good for hackers since there has been such a massive explosion of ransomware, financial theft and of leaks of private and public secrets.
The criminals responsible all deserve Gold Medals this Olympic Year – they are from China, Russia, North Korea, Ukraine, Vietnam, Iran, Georgia, India – all the good places where they are allowed to go about their business without too much trouble and, in some cases, with plenty support from the state itself! Even criminal hackers from western countries are actively seeking network weaknesses to spy and blackmail corporations and other bodies.
There are many cyber security service providers trying hard to slow down the increasingly active state hackers and criminals who are demanding ransoms, and stealing money, technology, technical, medical and state secrets. State hackers are also using their skills to threaten democracy and the normal functioning of critical infrastructure in countries they consider to be their enemies.
CrowdStrike, a big international cyber security service provider, has reported in their “2021 Global Threat Report” excellent statistics about recent attacks and forecasts about what we can expect in the coming months. The picture they show is not just grim – it is frightening…
According to the report, the size of wrongdoing over 2019 – 2020 doubled each year and the biggest sufferers are those who have the resources to pay ransoms and probably a strong incentive to avoid being closed down to long. Big and small companies, private and public entities in many different sectors are all targets for these people:
The report covers the main perpetrators, the main malware and describes in some detail how they get access to data through hardware equipment and through user’s computers. The last group are probably the largest sector and most fruitful source for the perpetrators. No matter how good the defences built up by the IT departments in any organisation, the weakest points are in the ordinary staff who just do not or cannot follow all of the policies and procedures that have been put in place. It is also increasingly difficult for an organization to protect itself by increasing control without making it difficult for employees to get their work done online.
Training staff in any company is hard work and it is clear that IT departments seldom have the necessary resources or skills to deal with such matters.Furthermore, asking staff to attend Cyber training courses is both time-consuming and expensive.
Covid19 has also increased the need for new cybersecurity policies that allow safe remote working. Security policies are needed for access management for remote workers, the use of personal devices, and updated data privacy considerations are necessary for employee access to documents and other information.
But even when these are in place, and even with the correct technology is clearly critical in the fight to detect and stop intrusions.
The end user remains a crucial link in the chain to stop breaches.
User awareness programs should be initiated to combat the continued threat of phishing and related social engineering techniques.
Cult Security, a Finnish cybersecurity product company, has now entered this part of the market with their CyberCoach, a 3-in-1 solution that not only provides effective and interactive scenario-based training, but also supports employees in security issues and helps the security team communicate with employees. Here is a screenshot from their application:
The surge in both volume of cyber threats and the severity of their impact is challenging for employees. Employees must constantly be aware of the changing threat landscape and not fall victim to these increasingly sophisticated cyber-attacks. As more traditional industries continue making the digital leap, more and more employees must learn how to work with data and technology. Employees in every company become guardians of an ever-increasing amount of confidential digital information, almost regardless of their role in the company. Mistakes are inevitable, especially without sufficient training and support available.
The more people and technology work online, the worse real-world consequences cyber-attacks and human error with data and technology can cause. Cybersecurity in today’s connected world is not just about securing information, it’s about securing the physical safety of people, democracy, and justice in society, even the environment. Companies must figure out how to train employees with varying digital skills to recognize security risks in their daily work, and constantly support them in making right choices.
CyberCoach provides employees from all skill levels practical and role-relevant training, 24/7 support and instructions all in one place. Because CyberCoach is anonymous, employees have a lower threshold for getting help. This enables organizations to recognize and respond to potential security incidents faster. The platform also provides actionable insights into the security culture and awareness across the organization. It only takes a short time to complete their new training scenarios. CyberCoach can save a lot of valuable time, while ensuring the organization always stays aware and able to respond to the latest threats.
Take a look at their website: https://cybercoachbot.com
Declaration of Interest: The writer has small minority investment in the shares of this company.
