Tackling cyber crime with Zero Threat
Posted on 10th January, 2017 by Amber Gallacher
Many of us are now opting to store our personal information and business data digitally for simplicity and convenience. We trust our mobile devices and computers to keep multiple passwords, financial data and personal information safe and accessible only to us.
But this is not always the case, with hackers exploiting this increased reliance on all things digital. Businesses are now at high risk of having data stolen through a range of advanced hacking methods, with individual employees being targeted in phishing scams, social engineering and malware.
Cyber crime is a growing industry, and those involved are becoming more highly skilled at defeating security measures. In fact, cyber criminals cost the UK alone almost £11bn in 2016, figures from Action Fraud, Get Safe Online and the National Fraud Intelligence Bureau (NFIB) suggest.
It’s up to companies to provide the training required to better equip their staff to prevent and manage the cyber attacks that will target them at work. But when Eukleia, a specialist Governance, Risk and Compliance (GRC) training consultancy, conducted research into this subject at an industry wide compliance event, and asked professionals if they thought their current compliance training was working, a worrying 58% of participants stated ‘sort of’, 18% ‘not sure’ and a further 7% ‘no, I don’t think so’. For businesses to better protect themselves against these types of attacks, it is vital that their workers truly understand the risks associated with not adhering to compliance safety procedures.
So what’s the problem? Why is the training around this critical issue not resonating with employees? A key issue is that they are simply not engaging with the (often very long and detailed) learning enough for it to make a lasting impact. 80% of participants in Eukleia’s study stated that their compliance training did not yet involve games. Could this be the element that cyber security training is missing, and the key to better user engagement?
Recognising the huge need for stimulating compliance training that will no longer be overlooked by employees, the Zero Threat game was created. The game comes from a partnership with educational game creators Preloaded, and Governance, Risk and Compliance specialists, Eukleia. It draws inspiration from the simplicity of card games, and the addictive style of fast-paced gaming apps that are popularly played on mobiles today. The idea is to simulate threats from cyber attackers which prompt players to make choices as if those threats were happening in real life, with significant consequences for their company.
Technologies commonly used in the workplace are mirrored in a network made up of computers, personal devices and documents, all at risk of being hacked. Gradually worsening threats are imitated, encouraging players to take counter-actions to prevent and eliminate these dangers targeting the network. Zero Threat gameplay covers a range of areas including safety in passwords, social media and phishing scams. If players do not take the right measures to successfully protect company data, outbreaks begin infecting the systems. The game also reinforces the seriousness of the issue by highlighting examples of real-life businesses which have been victim to hackers.
Learners can repeat the game to aim for higher scores, drawing them back to the content just like in mobile gaming, and facilitating better retention. The Zero Threat game can be linked to an LMS in order to track learner progress, enabling employers to see each player’s scores.
Here at LEO, we believe that providing educational material in an entertaining format helps to engross learners more than traditional training methods. By invoking an emotional response through playing, we have a much higher chance of producing true behavioural change.
If you think your business could benefit from a game like Zero Threat to help tackle its compliance training challenges, then get in touch.