Cyber Awareness Training (MetaCompliance)
Moray Council face cyber threats and attacks, we know that phishing is a major threat to Moray Council as well as to all of us personally. Fraudsters are constantly trying to attack individuals and businesses in order to obtain sensitive and valuable information that they use to expand their criminal enterprise.
Recent successful cyber-attacks on Comhairle nan Eilean Siar (Western Isles Council), as well as other successful attacks on public bodies (NHS, UHI, SEPA) and businesses (Arnold Clark, Royal Mail) show how real the threat is. Moray Council is also subjected to attempted phishing attacks on a regular basis, which if successful could massively impact our ICT systems, our day to day working and the services we provide.
To help ensure all of our employees understand the dangers, and what each and every one of us can do to help protect Moray Council as well as themselves personally, we have partnered with MetaCompliance.
‘Meta Compliance provides a world-class security awareness training solution that helps to mitigate human-born risk, in a continually evolving cyber security landscape.’
Meta Compliance provides a platform to deliver cyber awareness and security tests and training for employees. The security awareness training is designed to capture employee’s attention and improve employee’s cyber security and compliance behaviours.
As part of Moray Councils staff awareness and cyber security training, working in partnership with Meta compliance there will be a number of planned modules designed to foster a culture of cyber resiliency within Moray Council and combat the threats we face. In the coming year, employees should also expect additional simulated tests to check that the training is effective and that our overall exposure to insider/outsider cyber threats is reduced.
Mandatory module 1: Employee awareness and cyber security training
You will have seen a simulated email phishing attack at the end of November that looked like the image below. You may remember seeing this email. You may even remember clicking on it.
Results:
The results were concerning. The bad news is 737 employees clicked on the link and 452 entered details. The good news is that around 275 employees reported this as a suspected phishing/scam email to our IT Service Desk.
To help ensure all employees understand the dangers, and what employees can do to help protect Moray Council as well as themselves personally. Moray council will be launching mandatory cyber security training in the form of a series of bitesize videos, which will help you identify phishing attacks. This training should take no longer than 15 – 20 minutes to complete.
What to expect
All employees will receive an email from no-reply@metacompliance.com which will contain a link to the online training module provided by MetaCompliance, and will look like this:
This training is the first of a number of planned mandatory cyber awareness and security modules which every employee needs to complete.
Please remain vigilant for any phishing emails or any unusual cyber activity or links, if you are in any doubt, please contact ICT immediately.
If you have any questions regarding the training or access to the training log in page, please contact ICT at our IT Service Desk