www.kaspersky.com/awareness
www.k-asap.com
Philip Verbeeck – Enterprise Account Manager
18th November 2019
Creating awareness: how to prevent security breaches within your organization
Expertise2
Our Global Research and Analysis Team of security experts constantly explores and fights the most advanced cyberthreats
new malicious files are
detected by Kaspersky Lab
every day360,0001/3 of our employees are
R&D specialists 50+world-leading
security experts:
our elite group
About Kaspersky
See how easy it is …
€ 250 million loss**Source: Financial Times – Aug 2017
What companies faced
€ 640.000 loss**Source: De Tijd – April 2018
What companies faced
What SMB - companies faced
€ 4.940,- / minute downtime loss**Source: Gartner – Nov 2018
CCB: “in 2017, 60% of the cyber attacks were addressed to SMB’s, 95% of Belgian companies are SMB’s....”
What public institutions faced
24 out of 28 municipalities lacking adequate protection**Source: Computable – September 2018
80% of cyber incidents starts
with a human mistake
The weakest link
average financial impact of a
single data breach and
attack vector*
up to € 340 per employee per year
€ 73.400per SMB company
€ 730.500per enterprise
* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016.
** “Business Perception of IT Security: In The Face of an Inevitable Compromise”, Kaspersky Lab, 2016.
*** Calculations based on Ponemon Institute, “Cost of Phishing and Value of Employee Training”, August 2015.
average cost of phishing
attacks alone***average financial impact of a
single data breach and
attack vector*
€ 734.000per breach
average financial impact of an
incident involving careless
actions of employees**
Human mistakes as a big cyber risk
(despite of traditional awareness programs in place)
Kaspersky’s approach to Cyber Safety Awareness
Different training formats for different organizational levels
Kaspersky Interactive Protection Simulation
• Understanding “why is security so
important for each of us?”
• Distinction “what is safe and unsafe
behaviour?”
• Positive examples approach “How
to do", instead of only “Do not”
• Conceiving ”how are cybercriminals
looking at us?”
Game format for motivation purposes
22 Online modules:
• Anti-phishing
• Privacy protection• Social media • Physical security
• Security for mobile devices• Safe internet use• Security outside the office
• Social engineering• URL-training• E-mail security
• Passwords• GDPR• ...
Cyber Safety E-Learning
Continuous training methodology
Assess• Knowledge assessment
• Simulated attacks
Educate• Interactive skills training
modules
• CyberSafety Management Games
• KIPS
Reinforce• Line managers support
• Awareness materials (Leading to the Light)
Measure• Knowledge tracking,
benchmarking, reporting
• Safety Culture Assessment
Continue during the year, cycle by cycle
Best Practice Guide and technical support
� Effective
Employees develop strong cyber security
skills with short lessons and continuous
trainings.
� Focus on ease of use
Fully automated platform which is configured
and managed in a few minutes.
Free trial with 5 users.
K-ASAP: a simple and effective solution
www.k-asap.com
On-line free trial :
Educational schedule
Target levels depending on the position of the employee and the need to be protected against certain types of attacks
Target Level… …which normally allows to withstand against…
… recommended for (examples)…
I – Beginner Mass (cheap and easy) attacks Juniors, factory workers
II – Elementary Mass attacks on a specific victim
profileMarketing, engineers,
administrative employees
III – Intermediate Well-prepared focused attacks on a
chosen group of victims HR, non-executive
accountants
IV – Advanced Targeted attacksIT (admins), personal assistants, executives
Progress monitoring and sending recommendations automatically
� ASAP monitors progress of each student.
� Every week employee receives a letter with a progress report.
� The employee receives personal recommendations on how to improve results: on which dates they should target to
study according to the schedule
This saves the administrator’s many hours of tracking progress and sending reminders without sacrificing the quality of training.
Kaspersky Automated Security Awareness Platform (K-ASAP) in practice
Stay aware.
www.kaspersky.com/awareness