There is no doubt that awareness of cyber risks has grown over the past years. But the actual impact of a cyberattack has risen sharply, as well. And thus more action is needed. There is still a lot of room for improvement, including amongst SMEs. Joyce Proot, director of Technofutur TIC and Technocité, two Hainaut-based competence centres that have set up an extensive cybersecurity training offer: “The need to raise awareness remains enormous. Many SMEs still consider cybersecurity to be a matter of password selection and a firewall; they remain unaware that protection should involve every employee.”
Training tailored to every need
Reflecting this reality, there have been a number of new training modules created within Technofutur TIC over the past year. “For example, we have developed training webinars for local administrations,” Proot explains. “We also organise a more advanced hybrid training programme for people with IT-related functions in companies. We address both the technical and the governance sides of cybersecurity. Among other things, the aim is to teach participants how to carry out a thorough risk analysis. And we familiarise them with legislative initiatives such as NIS2, etc."
Because the need in the field remains acute, Joyce Proot wants the training offerings to reach even more people in the coming years. “We will, for instance, offer free seminars. By making them aware of the existing risks and potential impact, we hope to convince more people to sign up for one of our advanced training courses, which are given by a diverse group of experts. At Technocité, we also have a training course that goes a step further, and aims to train people to become a real reference for cybersecurity within their company. This course also applies to jobseekers.”
The need for a Disaster Recovery Plan
Alongside these training courses, both competence centres try to engage in awareness-raising through specially designed games. “For instance, we have an escape game that aims to teach participants how to deal with the different cyber threats. We especially want to show how much more than traditional phishing is involved. Our so-called cryptoparties have a similar goal. These are actually coaching workshops. Here, participants learn how to set up a security system.”
An important common factor in these initiatives is to demonstrate the potential damage from a successful cyber attack. Joyce Proot: “The reality today is that, when an IT system goes down, the entire business stops. So cybersecurity is indispensable for your company. We must make it clear to SMEs who still think they are not an interesting target, that this is a totally wrong reading of reality. They too need to work on a Disaster Recovery Plan, which a lot of large companies already have in place today.”
“By focusing on raising awareness and getting more people to our training sessions, we want to achieve a shift among SMEs. As an important part of the ecosystem, the Cyber Security Coalition offers significant added value to this,” Proot concludes.