Research shows that over 90% of all security incidents are due to human error, which is why security training is growing enormously in importance. Training programs are designed to help employees understand their role in combating any data breaches, property rights violations or brand reputation damage. Effective training teaches employees what constitutes good cyber hygiene and makes it clear to them to identify the risks associated with their actions, as well as to recognize potential IT attacks as such.
At a global leader in the engineering industry, the product and web development teams were working without security requirements.
The focus is on microservices in different programming languages (C, Go, Java, C#). In addition, the employees were insufficiently trained for product development. Thus, the customer had very specific requirements for cybersecurity training. In the first step, CyberCompare formulated the requirements and created a very concrete training schedule based on them.
In order to find the right cybersecurity provider, we have established five criteria:
This search yielded three potential vendors, and after an anonymous RFP process and bid presentations, our team selected the most suitable bid.
Through CyberCompare's database of trusted security companies, a qualified training provider was found that not only demonstrated expertise in secure development, but also met the demanding criteria.
Two main points have led to success:
1. a pilot of the course before a rollout across the entire team of over 200 developers
2. the guarantee of confidentiality through a completely anonymous call for tenders.