By ; Nahla Muqalad
European cybersecurity company Nixu is concerned about the growing level of phishing that can harm people from all walks of life and across all levels of society. Training has a great preventive effect as it helps people to effectively improve their social engineering awareness and identify and prevent phishing.
As technologies and cyber defense protection continue to improve, criminals tend to exploit the human weaknesses of employees to gain easier access to an organization's information and systems. With a clever social engineering attack, the victim is made to take a decision or perform an action that they wouldn’t do under normal circumstances, such as fall for a phishing email, click on a malicious link, or provide information or access to someone that should not have it. The attack might be executed as a scam, where the attacker might be acting as a trusted person, such as a co-worker or a company’s technical support person.
Anu Laitila Cybersecurity Awareness Business Manager at Nixu reminds that people influence security more than any technology or policy: “According to Gartner as amazing as it might sound 93% of successful data breaches start with a phishing attack, up to 30% of recipients open the phishing messages and 95% of all attacks are due to human error, typically coming in via a user's inbox.”
Recognizing manipulation can be very difficult. However, companies can significantly improve their information security by providing their employees with training aimed at raising the level of security awareness – at work and during their leisure time. Nixu supports companies in this important work by providing tailored training, including the use of the Nixu hACME, a social engineering role-playing game, and other innovative training methods.
Focus on youth and students
Also, young people and students are very potential victims. The young generation of society is much more open-minded in using new technologies and applications, therefore it is necessary to increase their cybersecurity awareness.
In line with its mission, Nixu wants to keep the digital society running. In addition to enterprise clients, Nixu wants to raise awareness and skills, especially among young and students. For many years, Nixu has provided opportunities specifically for the young and students to learn cybersecurity skills. One of these is the Nixu Challenge that provides a pathway to Nixu's trainee program. In addition, Nixu works in close cooperation with educational institutions in countries where Nixu has offices.
Picture: Victor Sant’Anna, the developer of Nixu hACME and Senior Security Consultant at Nixu, and students of Laurea University of Applied Sciences at the cybersecurity awareness training.
In March 2020, Nixu organized a training for the students of Laurea University of Applied Sciences as part of the Information and Cyber Security course in Finland. In this training Nixu's cybersecurity experts taught how criminals can use various manipulation techniques, how to identify a scam, and how to avoid any unpleasant consequences. Nixu hACME role-playing game was utilized in the training. The game was released by Nixu in January 2020.
“Nixu’s training offers an excellent component to our education and further strengthens the existing knowledge base that we have created. This education is also a good example of a partnership between an educational institution and the business world, which lets us utilize top-notch industry expertise, and at the same time makes the company known among our students, ” says Pasi Kämppi Senior Lecturer at Laurea University of Applied Sciences.
“The game of social manipulation was an interesting and entertaining way to get to know the topic. In real life, social manipulation often takes a long time, and through the game you get to know the subject effectively,” says Laurea student Mikael.
"It is fundamental to find effective and meaningful ways to improve social engineering awareness," Victor Sant’Anna advises.