Rostelecom-Solar helped Dow Isolan increase employee cyber literacy

2022: Implementation of the project to improve the cybersecurity skills of Dow Isolan employees

The Roste lecom-Solar company announced on July 27, 2022, the implementation of a project to improve the cybersecurity skills of employees of Dow Isolan, a large manufacturer of polyurethane systems in Russia. The training course is tailored to the customer's needs and is provided through the Security Awareness (SA) cloud service of the Solar MSS platform. With its help, you can check how much the company's staff is able to recognize phishing, and raise awareness of employees about current cyber threats. According to the results of the first training course, the number of users who commit potentially dangerous actions has already decreased by a third.

Employees of companies still remain a weak link through which hackers they can penetrate the corporate network. According to the to data center of counteraction to cyber attacks Solar JSOC of the company "-Rostelecom Solar," 75% of cyber attacks begin phishing with letters. Through them, attackers spread various malicious things, ON force employees to enter their own personal and credentials, and through fraudulent schemes steal money from companies' accounts.

The cyber literacy course includes templates for test mailings in the organization, as well as theoretical materials describing the signs of phishing, hacker tricks and possible consequences. attacks Letter templates are formed based on the internal features of the company and specifics, industries external information guides and attack vectors. At the same time, they are periodically updated to maintain the relevance of mailings. The theoretical course includes four basic blocks: working in, Internet phishing and working with, by mail mobile safety as well as physical security.

Raising awareness of cybersecurity is an important part of the company's information security strategy. We understand the need to regularly update information security knowledge and form skills among employees that will help us behave correctly in the event of a real cyber attack. Previously, they independently conducted cybersecurity training, but it was resource-intensive - so the company decided to purchase an automated service, within which there are already templates, you can configure mailing to different groups of employees, assign users a suitable theoretical course and evaluate the effectiveness of training. noted Danila Goncharov, head of the IT department at Dow Isolan.

It is extremely rare for companies to recognize the importance of training employees in cybersecurity skills - at best, everything is limited to basic instruction for new employees. However, it is impossible to achieve an effective result without practice in the form of phishing simulation. The SA platform from Rostelecom-Solar contains more than 90 different templates for test mailings. At the same time, the course can include both phishing options with standard, typical schemes, and templates customized for a specific company. It is optimal to carry out at least 15 mailings per year, but not more than 3 - per month, explained Yulia Kuklina, head of Security Awareness, Rostelecom-Solar.