70 likes | 162 Vues
Addressing the vulnerability of SMEs in cyber security through awareness, education, and training. Includes market research, best practice programs, and innovative techniques to enhance SME resilience in the digital realm.
E N D
Establishing Cyber Security education, awareness, training and trust for SMEs Roger Dean, Executive Directorwww.eema.org
The Challenge • SME’s are the most vulnerable due to; • No in house resources • No funding • No technical knowledge • Once infected the vulnerability could infect the whole supply chain • SMEs believe that their business will be “invisible” and will not be worth targeting by cyber criminals – this is a myth the we need to overcome. • It is imperative to communicate to SMEs that cyber security and risk management are a core threat that can destabilise their business.
The solution • Market research in at least three EU states • Raising awareness to acquire and disseminate cyber security knowledge and skills. • Compile best practice training and education programme • Initiate a short term market test programme • Develop innovative techniques to facilitate hard to reach sectors
User Experience • We have the skills and capability to manage a cyber risk project • It is clearly in the interests of business to provide leadership and investment in this area • We have a strong cyber security education and training base • We have a vision for a vibrant, resilient and secure cyberspace • Collaboration with other organisations such as ENISA, BCS, Chamber of Commerce • This sprint will be greatly enhanced by EU Regulation and National campaigns which would champion the SME’s responsibility to ensure their cyber security.
The Benefits/Impact • This will contribute to economic prosperity, protect the supply chain and a strong society • A highly skilled workforce will enable cyber suppliers to derive maximum benefit from these opportunities • Connect and mentoring SMEs through liaison with larger organisations • Create a code of SME Best Practice Guidelines • Establish a pipeline of SME stories, media interviews, stories, news releases, industry commentary • In consultation with professional accountancy bodies define a set of cyber security audit requirements
:Timescales • Maximum 3 months to complete the sprint. • Initial market research 4 weeks • Collaborate with other cyber security organisations – 4 weeks • Create awareness and training programme – 4 weeks • Develop innovative solutions to enable hard to reach sectors – 5 weeks • Self audit by SMEs to measure effectiveness of the exercise – 2 weeks • Obviously some of these activities will run in parallel
Requirments • Enlist experts in awareness and education to find creative solutions to the problems • Research in partnership with a sample group of SMEs in three EU Member states to inform and support the SPRINT • Time and travel expenses