Promote this Nomination
|Company size (employees)||100 to 499|
|Type of solution||Service|
eGT’s industry-recognized security education program supports the Secretary for the Department of Health and Human Services (HHS), Office of Information Security to teach and bring awareness of cybersecurity best practices to over 80,000 Federal employees and 40,000 contractors working in 11 unique Operational Divisions across the U.S.
Recognizing that humans are the weakest link in organizational security, eGT’s integrated cybersecurity awareness and education program focuses on the “people” part of change management to complement ongoing cybersecurity “processes” and “technologies” deployed throughout HHS. Since many people find the topic of cybersecurity to be an intimidating topic that is too broad in scope and practice to approach, much less master, eGT’s program recognizes this common attitude and presents cybersecurity best practices as personal, practical, and plausible.
The Departmentwide CyberCARE initiative increases Cybersecurity Communications, Awareness, Response, and Education through website articles, posters and bi-weekly email knowledge checks prompting staff to read, test their knowledge and attend training. The Healthy Technology lunch n’ learn trainings reinforce CyberCARE’s monthly cybersecurity theme. All content is designed to bridge age, cultural, and attitude gaps and make an intimidating topic seem more approachable and understandable. Programs convey the knowledge and skills necessary to safeguard technology, reduce incidents, and use technology safely, both at work and home. As employees are empowered to proactively address and respond to cybercrime, the number of cybersecurity and data privacy incidents will decrease. HHS saw a decrease in phishing each quarter in Fiscal Year 2017. CyberCARE articles are the top website viewed each month at HHS, and 300-500 people attend monthly training sessions, both in person and virtually. eGT’s security education program is the starting point of a cultural change to promote organizational cybersecurity because it truly empowers people to be cybersecurity guardians.
• eGT’s approach to cybersecurity education recognizes that we must change the organization’s cybersecurity culture (employees’ thoughts, beliefs and behaviors) to change security outcomes.
• eGT’s training and awareness content is designed to educate the broad, non-IT workforce, to increase cyber hygiene best practices of all users, and thereby reduce insider threat.
• eGT’s security education program weaves together multi-faceted, recurring communications to reinforce annual security and privacy training.