The Dubai-headquartered IT SEC has launched CyberShield, a comprehensive cybersecurity awareness training platform. The cloud-based platform, which is NESA and ISR compliant, includes simulated phishing methods, training materials and assessment tests to help companies measure the level of human risk.
“Today, most of the cybersecurity awareness programmes are based on legacy systems and we are going to change the game. CyberShield will help organisations to create a culture of cyber risk awareness and make every employee responsible for cybersecurity,” says Amir Kolahzadeh, CEO of IT SEC. “When someone comes on board, we can allow them to log in at any time and take an assessment test to build a baseline of awareness for the organisation. Based on that, we can build a customised campaign for organisations to see where the weaknesses are.”
Kolahzadeh says cybersecurity awareness training has become a regulatory mandate for both local and federal government employees by the end of this year. “Our platform can not only improve training effectiveness but produce reports for government entities as well.”
Carlos Vazquez, CSO of IT SEC, says organisations in the Middle East can leverage CyberShield to gauge security knowledge of every employee. “People are always the weakest link in security and you have to train the human mind. We will help organisations create a baseline as to how their employees perceive security in their work environments.”
Kolahzadeh says CyberShield also gives security decision makers the ability to bolster the efficiency of their own awareness programmes. “Often, security managers don’t explain the nature of their organisation’s security policies to employees, which leads to resistance in the workplace. We can help make people more risk aware and change their behaviours at work.”
He says the region is lagging behind when it comes to cybersecurity awareness. “This is mainly because of two reasons – shortage of skill sets and the physical security we enjoy in this country. People tend to take that same sense of security and apply it to their online behaviour. However, there has been a dramatic increase in awareness over the last 24 months due to the constant media coverage of cyber-attacks.”
He adds that hackers are not looking for traditional ways to get into networks now. “Most of the infrastructure equipment is safe, and the landscape has shifted to spear phishing. In fact, 80 percent of the cyber-attacks today are initiated through social engineering methods. What sets us apart is the customised phishing assessment templates we offer based on an organisation’s business logic and its interaction with third parties.”
CyberShield comes in three different flavours – standard, enterprise and platinum. The enterprise package includes e-mail exposure check, instant email breach notification, and USB risk assessment, while platinum level offers additional benefits such as smishing security test and real-time intervention awareness. “We also offer the option of customised training content in Arabic and we will add vishing to the platform over the next 30 days,” says Kolahzadeh.
