Finally moving into the right direction!

This year we are super happy to see that the European Cybersecurity Month after 10 years of once-a-year campaigning finally is changing towards a much more useful all-year-round perspective. About time!

Because like in all kinds of training, doing your exercises ones a year is not enough. Whether it’s about maintaining a high level of cybersecurity awareness or being able to complete a marathon run – you need to keep practicing over time.

This year’s cyber security month themes – phishing and ransomware - make of course perfect sense. Phishing attacks still being the number one threat vector and the steady increase of ransomware costs for business across industries is undoubtedly a strong case for this.

For us as an awareness training provider, it’s also obvious that these themes should be addressed from a human centric perspective. With AI in the hands of threat actors, the attacks will not only increase in numbers, but also become more and more sophisticated. A key instrument in combating this is by strengthening your organizational cybersecurity resilience by securing your coworkers' level of cybersecurity awareness – all year round.

Many of our customers use our phishing simulation as a part of their overall awareness strategy. But we also see a tendency where many providers solely focus on phishing simulation and offer that as the solution to create cybersecurity awareness. We think this is the wrong way forward. A solid cybersecurity resilience – in a constantly changing threat landscape - needs to rely on a cybersecurity culture built on openness and transparency, and this requires much more than just (an ever so important) phishing simulation.

Looking forward we see continuous cybersecurity challenges for both private and public organizations with an ever-increasing number of cyber-attacks. On a more promising note, we also see that cybersecurity is much higher on the agenda in many organizations than just a few years ago. With the implementation of the NIS2 directive we foresee a 2024 where more organizations realize that cybersecurity is no longer something they can tick off once a year to be compliant. Instead, leadership will shift its focus to find reliable methods that can create an increased awareness in the whole of the organization - all year round.

We’re happy to join in with the European cybersecurity month on saying ‘Happy cyber-secure new year!’