{"id":44618,"date":"2022-06-15T09:03:55","date_gmt":"2022-06-15T13:03:55","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?post_type=emagazine&#038;p=44618"},"modified":"2023-03-24T07:03:33","modified_gmt":"2023-03-24T11:03:33","slug":"heathrow-airport-cybersecurity-education","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/heathrow-airport-cybersecurity-education\/44618\/","title":{"rendered":"Why cybersecurity education is taking off at Heathrow Airport"},"content":{"rendered":"<p>You might not think of cybersecurity first when it comes to airport safety, but Jasvinder Pham, Head of Cyber Development and Assurance and Matthew Bourne, Cyber Security Manager, believes it\u2019s at the heart of London Heathrow\u2019s safety practice. And education is their most important protective gear against cybercriminals that use psychological tricks, also known as <a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/fraud-prevention-social-engineering\/36919\/\" target=\"_blank\" rel=\"noopener nofollow\">social engineering<\/a>, on their staff.<\/p>\n<p>In Tomorrow Unlocked\u2019s video Next Departure: Fighting Cybercrime, Pham and Bourne outline how they\u2019re helping Heathrow staff see through cybercriminals\u2019 mind games.<\/p>\n<h2>What is social engineering?<\/h2>\n<blockquote><p>Social engineering is when a hacker wants to access information from an organization for stealing or sabotage. They look to emotions to make you do something you normally wouldn\u2019t \u2013 like an email presenting an offer you can\u2019t refuse.<\/p>\n<cite><p>Jasvinder Pham, Head of Cyber Development and Assurance, London Heathrow Airport<\/p><\/cite><\/blockquote>\n<p>And Pham says it\u2019s a common tactic. \u201cNine out of ten breaches are done through social engineering. At Heathrow, we tend to get scattergun emails across the whole estate. We call that <a href=\"https:\/\/www.kaspersky.com\/resource-center\/preemptive-safety\/phishing-prevention-tips\" target=\"_blank\" rel=\"noopener nofollow\">phishing<\/a>. They\u2019ll ask a user to enter login and password details or click a link.\u201d<\/p>\n<h2>Learning to recognize the mind tricks<\/h2>\n<p>Where phishing emails are a scattergun approach, the Heathrow cybersecurity team responds with carefully targeted <a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/research-cybersecurity-skills-training\/43771\/\" target=\"_blank\" rel=\"noopener nofollow\">cybersecurity education<\/a>.<\/p>\n<p>They use internal advertising to raise staff awareness of social engineering techniques, then send out their own phishing-style test emails to see who takes the bait.<\/p>\n<p>It\u2019s part of a wider cybersecurity education program based on identifying those who can benefit most from the learning. Bourne says, \u201cWe\u2019ve turned training courses on their head by asking the questions first. If you answer them all correctly, you don\u2019t need the training. If you don\u2019t, you can sometimes complete training in less than 10 minutes.\u201d<\/p>\n<p>Bourne believes cybersecurity training should resemble real-world cyberthreat situations. \u201cWe\u2019ve started using live actors to get a bigger impact and bring it to the context of the airport.\u201d<\/p>\n<h2>Customers are ready for better security<\/h2>\n<p>Pham says Heathrow wants to be on the cutting edge of security technology, but it\u2019s not always easy. \u201cWe want to stay one step ahead, but I feel like we\u2019re one step behind.\u201d<\/p>\n<p>But Pham believes one thing on their side is staff and customer readiness to embrace the latest security features. \u201cPeople use services like WhatsApp and multi-factor authentication in their home. They want more, so we need to make sure we don\u2019t miss out.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In response to social engineering emails, London Heathrow Airport created a culture of continuous, targeted cybersecurity education.<\/p>\n","protected":false},"author":2552,"featured_media":44626,"template":"","coauthors":[3673],"class_list":{"0":"post-44618","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-cybersecurity-training-cybersecurity","7":"emagazine-category-enterprise-cybersecurity","8":"emagazine-category-safer-business","9":"emagazine-tag-critical-infrastructure","10":"emagazine-tag-phishing"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/heathrow-airport-cybersecurity-education\/44618\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/secure-futures-magazine\/heathrow-airport-cybersecurity-education\/26612\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/44618","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2552"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/44626"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=44618"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=44618"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}