Over the past decade, the myth of reducing information security to configuring network security, installing CCTV cameras and access restriction systems as enough has been shattered. An ever-changing world, new challenges and organisational dynamics contribute to this field being constantly developed and updated.
Modern understandings of information security aim to use holistic approaches using a wide range of activities including people, skills, technology and resource management, which is the direction of our service offering.
The human factor is a key element in any field and information security is no exception. Despite the high-tech security systems that some organisations use, research shows that 95% of security breaches are the result of human error, which is further proof that we need to actively work with people. This is also one of the goals of the Flexible Bit in the context of information security, namely to transform the human from a “weak link” into a “trusted link”.
How do we do it?
There are definitely different approaches to this and the overall one is about building a holistic culture around information security. Important elements in it are training, selection, procedures, values and managers.
Screening of prospective and current employees
Checking the information that job applicants provide in the selection process is our latest service, which we have adapted specifically for the Bulgarian market and legislation. Checking the background and data provided by the candidate with whom you have chosen and intend to sign a contract is a vital stage for some positions, especially in organizations working with standards and frameworks such as ISO 27001, NIST CSF, where they are embedded as comprehensive procedures. We strongly recommend that a similar check be carried out when extending the powers and access to information of current employees or employees who impress us with certain behaviors and attitudes.
Information Security Training
Below we offer trainings that we have developed for anyone who wants to develop specific competencies and acquire knowledge in the context of information security. If you are interested in training your team or organization, we will be happy to make a separate meeting and offer the optimal option for you
Cybersecurity basics for end users
The training is part of Flexible Bit’s initiative to build awareness in as many people as possible about the basic and simple rules to follow to protect themselves from cyber attacks using social engineering. Classes are held on the 4th Thursday of each month at Zuum and require pre-registration.
Find out more about the training
here
How to protect yourself from social engineering
Social engineering as a means of cyber attacks is related to psychology and works with our states, so this training covers the moments when we are most susceptible to social engineering. When and how do they occur? How can we protect ourselves? How do social engineers reach our weaknesses?
All these questions and many more will be answered during the training. More about it and next dates, you can learn
here
Cybersecurity in the work environment
To assist the HR team and managers in recruiting employees, building a cyber security culture, introducing new practices, and providing managers with information on what risky employee behaviors to watch out for in order to avoid cyber attacks and information leaks. Organizing and conducting trainings.
More about it and the next date you can find
here
How to build an effective security culture in your organisation
The training is aimed at HR and managers as they play a key role in building an effective information security culture in an organisation. During the training, you will receive information on the traits and values to look out for, how to organize workflow, what behaviors and conditions pose potential security risks and how to deal with them, and many more valuable information, practices, and processes.
Watch out for next date!
Assessment of basic cyber security behaviours
Have you tested whether you follow and know the basic rules for better information security? If you haven't, now is the time, the test is completely free and only takes 7 minutes.
The test evaluates the behavior in the domains of:
- Device security
- Software security
- Security of passwords
- Networks
- Internet pages
- Messages
- Rules and processes
- Awareness
- Social networks
