Cyber Security training from QA

The human element of cyber security

Key thoughts and findings from my two days at 'The Cyber Security Show 2015' in London.

Richard Beck | 20 April 2015

The human element of cyber security

I have spent the last two days at 'The Cyber Security Show 2015' in London. One theme in particular stood out – the ‘human element’ of cyber security.

The thing everybody needs to understand is that cyber security is not just a technology issue – it is a people issue.

Increased investment is needed to combat sophisticated attacks

A sophisticated cyber-attack can cause major damage, so every company needs to plan their crisis response carefully. There is currently significant underinvestment in cyber incident response and resilience – this trend needs to be reversed. We also need to invest more in deep cyber skills for our security specialists so they are able to combat the growing threats. Cyber security training is now more vital than ever.

51% of the worst security breaches in 2014 were caused by staff

Without adequate training, staff are the biggest security risk. They download files that contain malware, they lend out passwords, and they can even be manipulated to unknowingly provide sensitive information – a tactic known as social engineering.

Even the most advanced security systems can be bypassed if attackers can obtain information such as staff log-in details, so you can’t solely depend on technical solutions for protection.

It is vital to educate staff on cyber threats

By staff we mean everyone, including outside suppliers with access to internal systems. Education cannot be a one-off, tick-box exercise. It must be a continuous process, with comprehensive training for new starters (including temporary staff) and regular refresher sessions for permanent staff.

Although it's apparent that people can be "the issue" when it comes to cyber breaches – they are also the solution to protecting an organisation's most valuable assets. It's an ongoing cycle, whereby everyone needs to be educated with the armour to detect, deter and defend from a cyber attack.

Additional Resources

At The Cyber Security Show, I had the privilege to run a seminar session for attendees. I discussed and focused on the importance of being prepared for potential attacks, destructive trends and above all the in-house cyber skills required to build a strong, competent security team.

Download my Cyber Security Show Presentation.

For more infomation visit QA's Cyber Security page or email us on if you have any questions.

Richard Beck

Richard Beck

Director of Cyber Security

Richard Beck (CISSP, CISM, CISA) is Director of Cyber Security at QA, responsible for the entire Cyber Security portfolio across the four QA divisions. He works with customers to build effective and successful security training solutions tailored for business needs. Richard has over 15 years' experience in senior Information Security roles. Prior to QA, Richard was Head of Information Security for four years at Arqiva, who underpin 20% of the UK's Critical National Infrastructure. Richard also held Security and Technical Management posts at CPP, GEC, Pearson and the Royal Air Force. Richard sits on a number of security advisory panels including IBM, BCS and EC-Council and previously chaired the Communication Industry Personnel Security Information Exchange (CPNI). Richard is also a STEM Ambassador working to engage and enthuse young people in the area of cyber security. Providing a unique perspective on the world of cyber security to teachers and encourage young people to consider a career in cyber security.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.