CCOE Provides Access to NCSC-Accredited Training

The Cyber Centre of Excellence (CCOE) has teamed up with UK Government-certified cyber security and awareness training provider OSP Cyber Academy to provide access to a wide range of cyber security and data protection training programmes.

Through the CCOE, local authorities and other public sector bodies can access OSP Cyber Academy’s Cyber/Information Security and Data Protection training, which is National Cyber Security Centre (NCSC) certified. Training days, such as the Cyber Risk & Resilience Board & Executive Awareness Course, will be offered in person for executives, while an online system will also be available to allow an organisation’s wider employee population to access various online courses. These will include: OSP’s GDPR Staff Awareness Course, Cyber Security Staff Awareness Course, Phishing and Social Engineering Course and Mobile Device Security Course and the newly developed Supply Chain Cyber Awareness Course.

These courses will help reduce risk, improve cyber resilience and demonstrate compliance with legal requirements. Thomas McCarthy, Managing Director at OSP Cyber Academy, said training and awareness must start at the top of the organisation but that it was also vital this filtered down to the wider employee population for maximum benefit. One reason is that cyber risk is greatly increased by employee error, such as unwittingly clicking on an unsecure link.

Irene Coyle, Chief Operating Officer at OSP Cyber Academy who is one of the company’s training leaders, said education and awareness were important and that this must be continuous due to the rapid and ever-changing nature of cyber threat. “Public authorities are a real target. Cyber attackers are looking to be disruptive and to cause chaos. Having strong policies and training in place can greatly reduce risk exposure.”

However, she said it was vital cyber security and data protection were not viewed as ‘box-ticking’ exercises. Even where senior management can demonstrate compliance, such as by having a data protection policy in place, Coyle highlights that this is not enough – staff have to be aware of such policies and why they are important too. “When you can show the relevant policies are in place, that is great and it has ticked the box, but is that policy known by the users of company devices, do they follow it and how do you know that they follow it?,” she asks. “The key thing is education and awareness and that must be continuous. You can have any certification you want but that doesn’t mean you are reducing the vulnerabilities your people may create.”

McCarthy said OSP Cyber Academy was providing training at the highest standard: “We are a NCSC-certified training provider, which is not something any organisation can say. We are the leaders in what we do in cyber protection training and data protection training. We also know the other organisations involved in the CCOE are all equally credible which is what makes it so exciting to be a part of.”

• To find out more about OSP Cyber Academy visit: https://ospcyberacademy.com

• To book cyber training at discounted rates for local public services, please go to: www.ccoe.org.uk