Problem viewing email? Click here to view it online.
 

NEWSLETTER #03.

 

INFORMATION SECURITY TRAINING FOR SMEs

The aim of the project CISOinSMEs is to create a course of Information Security specially oriented to European SMEs, which includes classroom training, online training and a multimedia platform. Also this course is certifiable by the VCC system. This summer we have made in Bulgaria, Greece and Poland a pilot test of the course that has been developed in the project in which they have participated more than 60 people, between employees, owners of SMEs and trainers.

Here we present the results of these pilot tests and the final ratings that the course have had to participants.

PILOT TRAINING PHASE

BULGARIA
training in BulgariaIn the pilot test carried out in Bulgaria by the partner Association Generations, has participated 17 students and 5 trainers and F2F sessions was held from 16 to 18 July.
The pilot training was a blended learning training session where 1/3 of the training (16 Units) was F2F training and 2/3 (24 Units) online training course.
The main objective of the training course was to verify knowledge of contemporary management of IT security as well as information security and protection, paying special attention to personal data and skills in risk management.
All participants were informed about the project’s objectives and received all the training materials developed in Bulgarian language as well as access to the CISO e-portal and the VCC platform.
The evaluation by the participants was:
-    76% of participants strongly agree and 24% agree that the organization of the face to face training sessions was appropriate.
-    47% of the participants strongly agree and 53 % agree that the CISO portal is a useful tool that will support data protection and Information Security (IS) training and Information in the CISO portal is practically oriented and covers theirs company interests.
-    The participants strongly agree that the knowledge gathered during the training could be immediately implement in their job. The participants shared the opinion, that they have upgraded their professional portfolio.
.
 

GREECE

training in GreeceIn training made by the partner IDEC in Greece participated 20 students and five trainers and F2F sessions was held from 16 to 18 September.
The course objectives were:
-    to test the blended learning contents and methodology developed in the framework of the project on the subject of Information Security for SMEs
-    to assess the training tools used (exercise, case studies, e-learning platform etc.)
-    to certify both trainers and trainees through practical and theoretical examination in accordance with the VCC certification scheme.

All aspects of the training organization were very highly evaluated, receiving only “strongly agree” and “agree” markings. The topics that presented a wider variety of marks are the following:
-    Workload during the training was manageable: 15% strongly agree, 65% agree and 20% unsure.
-    The duration of the face to face training session has been the right one: 40% strongly agree, 45% agree, 10% unsure and 5% disagree
-    The training has been important for starting data protection and Information Security (IS) proceedings in my business: 65% strongly agree, 25% agree and 10% unsure.

POLAND

training in PolandIn Poland, the partner SYNTEA carried out the training phase and 20 students participated. F2F training was held from 10 to 12 September.
The training session was planned as a so called blended learning approach, meaning that approximately 1/3 of the training (16 Units) shall be thought face-to-face and 2/3 (24 Units) shall be thought online.
Participants were representatives 12 different companies so during 3 days of F2F trainings trainer had to find a common target of 20 people and fit training materials to the needs and expectations of target group. All participants had a basic IT tools knowledge, no formal qualification in information security and little or none awareness of the impact of IS on their company.
After training session, participants took the VCC exam for Information Security Officer competence. Exam was divided into 2 parts: theoretical on the exam platform and practical written exam.

Now we highlight some aspects of the evaluation made by participants:
-    The organization of the face to face training sessions was appropriate: 60% of participants strongly agree and 40% of them agree on this statement.
-    The CISO portal is a useful tool that will support data protection and Information Security (IS) training and Information in the CISO portal is practically oriented and covers theirs company interests: 45% of participants strongly agree and 50 % of participants agree.
-    General satisfaction of the participants: 70% of participants are satisfied with training, 15% assessed taking part in training as average.

CONSOLIDATED REPORT ON THE EVALUATION OF TRAINING ACTIVITIES

Valuation of the participants
Total: A total of 57 persons attended the pilot phase, 17 in Bulgaria, 20 in Greece and 20 persons in Poland.
Gender distribution: Out of these 57 persons, 25 have been female and 32 male, which correspond to 43,86% Women and 56,14% Men.
Knowledge of Information Security before training: Most participants has some knowledge before training (43,86%), followed by fairly experience (22,81%). A group of 15,79% assessed themselves as very experienced, while 10,53% declared, that they know nothing at all concerning Information Security.
Knowledge of Information Security after training: Knowledge of Information Security rose significantly, which is a very strong indicator for the impact of our training activities. After pilot training 26,32% assessed themselves as very experienced, 59,65% as good knowledge, 12,28% with some knowledge and only 1,75% remained with fairly knowledge, while nobody assessed without knowledge. This means, that the group of very experienced users rose 10,53% and good knowledge rose mostly with 52,63%, while all weaker knowledge groups decreased significantly.
Using knowledge in work: Around half of all participants are definitely sure, that they can use their new knowledge at their actual workplace, another 26,32% are likely to applicate, which means that the training activities are directly transferable for three out of four participants in the pilot phase.
Valuation – in total: The training activities reached a very high level of grading. 43,86% valuated the training as Excellent, 42,11% as good, which means, that more than 85% of participants have been highly satisfied with the training activities..

KEEP IN TOUCH WITH US

Our website is available in English, Italian, Spanish, Greek, Polish, Bulgarian and Austrian (www.cisoinsmes.eu), so everyone across Europe can find about the project and get involved. The site contains news, information about security, VCC System and will be furtherly developed in the coming months with the online E-learning zone. And do not forget, you can still keep in touch with us via Facebook (CISO in SMEs), Twitter (@CISOinSMEs) and through our linkedin group (CISOinSMEs)
image

CISO - Project Nr.: 2013-1-PL1-LEO05-37738
This project has been funded with support from the European Commission. This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.
 
www.cisoinsmes.eu
Copyright © 2014 www.cisoinsmes.eu, All rights reserved.
You are receiving this email because you have subscribed to our newsletter list. If you do not wish to receive our newsletter emails in the future, please unsubscribe here.