www.kaspersky.com/awareness

www.k-asap.com

Philip Verbeeck – Enterprise Account Manager

18th November 2019

Creating awareness: how to prevent security breaches within your organization

Expertise2

Our Global Research and Analysis Team of security experts constantly explores and fights the most advanced cyberthreats

new malicious files are

detected by Kaspersky Lab

every day360,0001/3 of our employees are

R&D specialists 50+world-leading

security experts:

our elite group

About Kaspersky

See how easy it is …

€ 250 million loss**Source: Financial Times – Aug 2017

What companies faced

€ 640.000 loss**Source: De Tijd – April 2018

What companies faced

What SMB - companies faced

€ 4.940,- / minute downtime loss**Source: Gartner – Nov 2018

CCB: “in 2017, 60% of the cyber attacks were addressed to SMB’s, 95% of Belgian companies are SMB’s....”

What public institutions faced

24 out of 28 municipalities lacking adequate protection**Source: Computable – September 2018

80% of cyber incidents starts

with a human mistake

The weakest link

average financial impact of a

single data breach and

attack vector*

up to € 340 per employee per year

€ 73.400per SMB company

€ 730.500per enterprise

* Report: “Measuring the Financial Impact of IT Security on Businesses”, Kaspersky Lab, 2016.

** “Business Perception of IT Security: In The Face of an Inevitable Compromise”, Kaspersky Lab, 2016.

*** Calculations based on Ponemon Institute, “Cost of Phishing and Value of Employee Training”, August 2015.

average cost of phishing

attacks alone***average financial impact of a

single data breach and

attack vector*

€ 734.000per breach

average financial impact of an

incident involving careless

actions of employees**

Human mistakes as a big cyber risk

(despite of traditional awareness programs in place)

Kaspersky’s approach to Cyber Safety Awareness

Different training formats for different organizational levels

Kaspersky Interactive Protection Simulation

• Understanding “why is security so

important for each of us?”

• Distinction “what is safe and unsafe

behaviour?”

• Positive examples approach “How

to do", instead of only “Do not”

• Conceiving ”how are cybercriminals

looking at us?”

Game format for motivation purposes

22 Online modules:

• Anti-phishing

• Privacy protection• Social media • Physical security

• Security for mobile devices• Safe internet use• Security outside the office

• Social engineering• URL-training• E-mail security

• Passwords• GDPR• ...

Cyber Safety E-Learning

Continuous training methodology

Assess• Knowledge assessment

• Simulated attacks

Educate• Interactive skills training

modules

• CyberSafety Management Games

• KIPS

Reinforce• Line managers support

• Awareness materials (Leading to the Light)

Measure• Knowledge tracking,

benchmarking, reporting

• Safety Culture Assessment

Continue during the year, cycle by cycle

Best Practice Guide and technical support

� Effective

Employees develop strong cyber security

skills with short lessons and continuous

trainings.

� Focus on ease of use

Fully automated platform which is configured

and managed in a few minutes.

Free trial with 5 users.

K-ASAP: a simple and effective solution

www.k-asap.com

On-line free trial :

Educational schedule

Target levels depending on the position of the employee and the need to be protected against certain types of attacks

Target Level… …which normally allows to withstand against…

… recommended for (examples)…

I – Beginner Mass (cheap and easy) attacks Juniors, factory workers

II – Elementary Mass attacks on a specific victim

profileMarketing, engineers,

administrative employees

III – Intermediate Well-prepared focused attacks on a

chosen group of victims HR, non-executive

accountants

IV – Advanced Targeted attacksIT (admins), personal assistants, executives

Progress monitoring and sending recommendations automatically

� ASAP monitors progress of each student.

� Every week employee receives a letter with a progress report.

� The employee receives personal recommendations on how to improve results: on which dates they should target to

study according to the schedule

This saves the administrator’s many hours of tracking progress and sending reminders without sacrificing the quality of training.

Kaspersky Automated Security Awareness Platform (K-ASAP) in practice

Stay aware.

www.kaspersky.com/awareness