In 2017, 59% of South African companies attributed weaknesses in their IT security strategy to the careless actions of employees.

With staff training seen as an important way to reduce cybersecurity incidents, finding the most efficient approach remains a pain point for many IT departments.

To help companies address the issue, Kaspersky Lab has developed an Automated Security Awareness Platform to make it even easier for companies to ensure staff are armed with the very latest skills and knowledge. The online service aims to help companies boost the cyber-awareness of their employees enhancing training efficiency with micro learning, different lessons formats and continuous reinforcement.

Kaspersky Automated Security Awareness Platform (ASAP) is a new web-based learning system which automates cyber-awareness training for companies of any size. The platform helps businesses to address gaps in employees’ cybersecurity skills and knowledge, with each lesson taking less than 10 minutes to complete.

ASAP can be used to bolster the cyber-hygiene of employees with different risk levels – from basic to advanced – through an automated learning path which allows them to progress at their own pace.

To engage employees in the education process and increase their personal cyber-awareness, the platform uses the following key approaches:

* Targeted training: the platform includes specific exercises to strengthen over 350 skills, with training levels ranging from beginning to ‘advanced’, to suit different profiles. For example, one member of staff might only need to have a grounding in cybersecurity, which can be gained through the ‘beginner’ level, taking just a few months to complete. However, a senior manager who works with confidential information will need to know how to keep data secure across the whole department, requiring a higher level of cybersecurity knowledge. In this instance a more advanced level is appropriate;

* Micro learning and multimodality: sessions last between just two and 10 minutes, with methodology based on key psychological and educational practices. Taking into consideration the peculiarities of human memory, repeated reinforcement helps to build strong skills retention and prevent obliteration;

* Gamification and relevance to real life: training is engaging and based on real life events. It draws on users’ practical interests and highlights the personal importance of cybersecurity for employees, to ensure skills are not rejected.

The Kaspersky Automated Security Awareness Platform allows companies to set measurable goals that can be clearly monitored in an online dashboard. Easy reporting means that updates and actionable reports are available to the management team as required.

The flexible licensing model for Kaspersky Automated Security Awareness Platform includes a monthly subscription, making effective learning open to businesses of any size. The platform also features functionality and multitenancy designed for managed services providers (MSPs). In the second half of 2019, enterprise-specific features will also be added to the platform.

This will include customisation options, integration with the AD (Active Directory) – to allow it to pull a list of users directly from the company’s directory – and installation on a private cloud.

“Our aim was to create an easy-to-manage, web-based tool that would help companies balance security competence levels for different groups of employees. Through a micro-learning approach and automated learning paths we hope to engage staff as well as ensure easy acquisition of skills and prevent obliteration. This approach is particularly relevant for small businesses, which do not have experienced staff or resources to manage an efficient security awareness program,” says Slava Borilin, security education program manager at Kaspersky Lab.

The platform is available in English, German, Italian, Russian, French and Spanish. Arabic and Dutch are coming later in the 2019.