"Digital literacy is regularly communicated at all levels of the organisation through workshops, intranet, noticeboards or email briefings and advisories. An example has been cybersecurity and keeping staff informed via regular email and intranet advisories such as 'Anatomy of a malicious email', a cybersecurity section at our welcome day for new starters, a collection of cybersecurity do's and don'ts posters for staff noticeboards around the country, and a board workshop about cybersecurity risk and mitigation."
Greg Morley, United Living's CIO
"A security awareness roadshow addressed our general user security awareness - a new and home-grown approach to engaging face to face with our employees across the group that has been successful and is set to continue and evolve to make increased use of our internal creative and marketing resources. The groundwork for this new initiative was completed last year with the creation of our security content, shared with the business in monthly communications within our group."
Sean Harley, Ascential's CIO
"We have also tried to be innovative in the way in which we approach IT security, taking a 'rights and responsibilities' approach with end users, rather than a prescriptive, policy-based approach. For example, we are trialling the use of 'self-managed' laptops, where scientists get the rights to manage Crick-provided equipment, but are accountable to me as CIO for following good practice guidelines, which we supply."
Alison Davis, Francis Crick Institute's CIO
"I set up an information security steering group in the first three months of joining after reviewing where we were on the infosec roadmap. The steering group is 80% of the management board of Brussels Airlines and is a mandatory monthly meeting. It has opened eyes to the current level of maturity in information security and is now the group that is authorising spend and priority on the three-year programme that is now in place."
Simon Lamkin, Brussels Airlines' CIO