Soon everyone will receive an e-mail invitation to use the new Security Education Platform. 'We'll start with an inventory of 33 questions in total, to get an idea of the state of security and awareness. That forms our baseline,' explains project leader Wim Olijslager.
Subsequently, the complete training offer consists of 33 different exercises, from 'introduction to phishing' and 'URL training' to 'password management' and 'lock before you leave'. 'We don't expect people to spend hours or even days doing all the exercises,' says Olijslager. 'Each exercise takes about five to ten minutes and is often accompanied by a bit of theory, a video and questions. We think that someone will need a lesson or two a month at most. It should be easy to fit this into one's daily activities.'
Above all, the platform is suitable for offering customised solutions, according to Olijslager. 'Suppose we see differences between, for example, young and old, male and female, student and employee, then we can adjust the offer accordingly. We can even adjust the offer based on someone's personal focus points.'
To measure is to know
The aim is not only to improve the knowledge and skills of UT staff, says Olijslager. 'We have been educating and informing people for years in various forms, from flyers to escape rooms. But the impact of this and on people's behaviour is difficult to measure. That is why we entered into a collaboration with BMS scientist Jan-Willem Bullee, in order to obtain these insights. In doing so, we don't just want to help the individual student or employee, but the entire organisation.'
For the university, the threat from cybercriminals is 'constant and real', says the project leader. 'When it comes to cyber security, people tend to think of privacy and the protection of personal data. The importance of knowledge security is often underestimated, which is particularly important for the UT. As a knowledge institution and cooperation partner, we want to show that we handle data well and carefully.'