Presentation on theme: "Establishing Cyber Security education, awareness, training and trust for SMEs Roger Dean, Executive Director www.eema.org."— Presentation transcript:
Establishing Cyber Security education, awareness, training and trust for SMEs Roger Dean, Executive Director
The Challenge SME’s are the most vulnerable due to; No in house resources No funding No technical knowledge Once infected the vulnerability could infect the whole supply chain SMEs believe that their business will be “invisible” and will not be worth targeting by cyber criminals – this is a myth the we need to overcome. It is imperative to communicate to SMEs that cyber security and risk management are a core threat that can destabilise their business.
The solution Market research in at least three EU states Raising awareness to acquire and disseminate cyber security knowledge and skills. Compile best practice training and education programme Initiate a short term market test programme Develop innovative techniques to facilitate hard to reach sectors
User Experience We have the skills and capability to manage a cyber risk project It is clearly in the interests of business to provide leadership and investment in this area We have a strong cyber security education and training base We have a vision for a vibrant, resilient and secure cyberspace Collaboration with other organisations such as ENISA, BCS, Chamber of Commerce This sprint will be greatly enhanced by EU Regulation and National campaigns which would champion the SME’s responsibility to ensure their cyber security.
The Benefits/Impact This will contribute to economic prosperity, protect the supply chain and a strong society A highly skilled workforce will enable cyber suppliers to derive maximum benefit from these opportunities Connect and mentoring SMEs through liaison with larger organisations Create a code of SME Best Practice Guidelines Establish a pipeline of SME stories, media interviews, stories, news releases, industry commentary In consultation with professional accountancy bodies define a set of cyber security audit requirements
: Timescales Maximum 3 months to complete the sprint. Initial market research 4 weeks Collaborate with other cyber security organisations – 4 weeks Create awareness and training programme – 4 weeks Develop innovative solutions to enable hard to reach sectors – 5 weeks Self audit by SMEs to measure effectiveness of the exercise – 2 weeks Obviously some of these activities will run in parallel
Requirments Enlist experts in awareness and education to find creative solutions to the problems Research in partnership with a sample group of SMEs in three EU Member states to inform and support the SPRINT Time and travel expenses