IAG follows Alice down the rabbit hole to teach security

By on
IAG follows Alice down the rabbit hole to teach security

Stages Wonderland-themed Escape Room for staff.

Financial services company IAG has used Alice in Wonderland as a metaphor to educate staff about better security.

The company last year created an Escape Room experience in which staff were led into a  Wonderland filled with clues and fictional characters and challenged to use their security knowledge and skill to get out of the room.

“Education and awareness have been core tenets of our strategy and people are our best defence,” said IAG chief security officer Jeff Jacobs.

“We are always looking for innovative ways to educate staff.”

The "Alice in Cyberland" experience came about after Jacobs challenged his team to develop an innovative and lighthearted way to teach security principles.

“We saw escape rooms as popular trend,” Jacobs said.

And so his team built one into meeting rooms at IAG. That's the insurance industry for you.

"Staff walked into a huge room set up as an Alice in Wonderland environment," Jacobs said.

“The scenario was that they are employees and had to unlock data that had been ransomed by solving cyber themed puzzles. In one they had to get puzzle pieces and put that together to get the question ‘who do you report breaches to?’"

"In another they had to unlock a locked diary to get a code. In another challenge they had to solve a riddle."

IAG’s board was shown a virtual version of the Escape Room and offered positive feedback.

So did the 50-plus groups of six staff who participated in the 20-minute exercise.

Jacobs said feedback was positive from participants. That outcome, he added, was as valuable as improvements in security knowledge as it showed that the company's staff had engage with the topic at hand.

The Alice in Cyberland escape room is not IAG’s only pop-culture-themed security education initiative. The organisation previously ran a “Game of Codes” exercise, plus more conventional security training such as phishing drills.

“We try to have a combination of signature events that people will remember and mix that up with business-as-usual activity,” Jacobs said.

His overall goal is creating a security-aware culture. ”After a phishing test it is not about rapping people over the knuckles for getting it wrong,” he said. “Everything we do is about culture and education.”

The Alice-themed exercise went down particularly well, and was adopted across IAG ANZ  and even repeated in some of the organisation's Asian offices.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
educationiagprojectssecuritytraining

Sponsored Whitepapers

Responding To Industry Trends And Our 5m+ Users
Responding To Industry Trends And Our 5m+ Users
The Future of Digital Identity in Government
The Future of Digital Identity in Government
Secure Public Services for Every Australian
Secure Public Services for Every Australian
7½ Questions for Aged Care's Digital Decisions
7½ Questions for Aged Care's Digital Decisions
Creating the Sustainable IT Department
Creating the Sustainable IT Department

Most Read Articles

Australia appoints first cyber security coordinator

Australia appoints first cyber security coordinator
Apple rushes out patches for exploited zero day bugs

Apple rushes out patches for exploited zero day bugs
Perpetual 'extended outage' caused by security incident at third-party

Perpetual 'extended outage' caused by security incident at third-party
Exploit emerges for Cisco VPN client vulnerability

Exploit emerges for Cisco VPN client vulnerability

Digital Nation

Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX
DeepAI founder on the risks of artificial intelligence
DeepAI founder on the risks of artificial intelligence
COVER STORY: The opportunities and risks of cybersecurity insurance in Australia
COVER STORY: The opportunities and risks of cybersecurity insurance in Australia

Log In

  |  Forgot your password?