The OSKY Information Security Awareness Program, spearheaded by our Chief Technical Officer (CTO) or Technical Director, is a holistic initiative designed to deliver targeted security education to all employees and contractors based on the specifics of their job functions. This program, under the guidance of our technical leadership, ensures a deep understanding of information security principles and practices throughout the organisation. Additionally, our commitment extends beyond internal initiatives, with our CTO regularly making public service announcements on social media to create awareness in the broader community.

1. Leadership-Led Workshops:

• Interactive workshops led by the CTO/Technical Director, tailored to address security challenges relevant to different departments and roles within OSKY.
• Real-world insights and case studies shared by the technical leadership to enhance understanding.

2. Role-Specific Training Modules:

• Customised training modules developed and delivered by the CTO/Technical Director, addressing the unique security considerations of various job functions.
• In-depth sessions covering secure coding practices, data protection measures, and adherence to industry standards.

3. Executive Briefings:

• Specialised briefings for executive leadership, emphasising the strategic importance of cybersecurity and information security practices.
• Discussions led by the CTO/Technical Director on the evolving threat landscape and the organisation’s cybersecurity posture.

4. Simulated Security Scenarios:

• Conduct simulated security scenarios and exercises led by the technical leadership to assess the organisation’s readiness to handle diverse cyber threats.
• Immediate feedback and debrief sessions to discuss lessons learned and areas for improvement.

5. Direct Communication:

• Regular communication from the CTO/Technical Director through emails, intranet announcements, and video messages to reinforce key security messages.
• Insights into emerging cybersecurity trends and the crucial role of each individual in maintaining a secure environment.

6. Live Q&A Sessions:

• Live question and answer sessions with the CTO/Technical Director to address queries related to information security.
• Opportunities for employees to seek clarification on security policies, best practices, and organisational security goals.

7. Continuous Learning Platform:

• Access to a secure online learning platform curated and managed by the technical leadership.
• Webinars, video tutorials, and knowledge resources updated regularly to keep employees informed about the latest security developments.

8. Incident Response Workshops:

• CTO/Technical Director-led incident response workshops to train employees and contractors on effective responses to security incidents.
• Analysis of real-world incidents and case studies to enhance incident response capabilities.

9. Recognition from Leadership:

• Recognition and acknowledgment from the technical leadership for individuals or teams demonstrating exemplary commitment to information security.
• Regular updates on the positive impact of security awareness efforts across the organisation.

10. Commitment to Compliance:

• The CTO/Technical Director provides insights into regulatory requirements and compliance standards, ensuring that all employees and contractors receive relevant training.
• Updates on changes to compliance standards and their implications for OSKY.

11. Public Service Announcements:

• Monthly public service announcements on social media (Facebook and Linked-In, made by our CTO, to create awareness in the broader community.
• Sharing insights on current cyber threats, best practices, and the importance of cybersecurity in the digital age.

The OSKY Information Security Awareness Program, enriched by leadership involvement and public engagement, underscores our commitment to maintaining a highly informed, security-conscious workforce and contributing to public awareness beyond organisational boundaries.