Training and Awareness
RM-3.1.55
Licensees must evaluate improvement in the level of awareness and preparedness to deal with cyber security risk to ensure the effectiveness of the training programmes implemented.Added: January 2022RM-3.1.56
The
licensee must ensure that all employees receive adequate training on a regular basis, in relation to cyber security and the threats they could encounter, such as through testing employee reactions to simulated cyber-attack scenarios. All relevant employees must be informed on the current cyber security breaches and threats. Additional training should be provided to ‘higher risk staff’.Added: January 2022RM-3.1.57
The
licensees must ensure that role specific cyber security training is provided on a regular basis to relevant staff including:(a) Executive board and senior management;(b) Cyber security roles;(c) IT staff; and(d) Any high-risk staff as determined by thelicensee .Added: January 2022
