Cybersecurity awareness and training: The CyberSecPro and NERO approaches

The European Union agency for cybersecurity (ENISA) has consistently advocated that the advanced cybersecurity awareness programs are the best way to educate and develop a security-first culture amongst employees on how to mitigate the impact of cyber threats and incorporate activities, resources, and training to foster a cyber security culture. The development of these awareness programs and the associated trainings require a well–structured approach that can only be achieved by the close cooperation of Higher Education Institutions (HEIs) with companies and relevant agencies. In this talk, we will describe an ecosystem consisting of five interrelated frameworks provisioned to offer a cybersecurity awareness program. This program, named NERO, primarily provides SMEs with a Cyber Immunity Toolkit Repository, Cyber Resilience Program, and Cyber Awareness Training via gamification and provides its modules through a user-friendly marketplace. The methodology to evaluate its effectiveness and performance in three use case demonstrations on different domains will be delineated.