Skip to main content

Reference: GUIDE features best practice

Use this reference guide to understand some best practice with guide features

Sam Hopwell avatar
Written by Sam Hopwell
Updated over 10 months ago

This article will outline a few best practices for use of GUIDE features.

GUIDE is made up of the following features:

  • Advice

  • Alerts

  • Culture (GUIDE+ only)

  • Goals

  • Learning

  • User messages


Advice

  • Make this feature accessible by switching the toggle 'on' so that 'Advice' appears in the menu. This can be done in the settings tab.

  • Create and add your own advice cards for organisation-specific information. We recommend that you link the Advice Card to your internal site (eg. Sharepoint) and that you reference the allocated learning modules and or goals.

  • Upload policy documentation or important procedures regarding cyber security to advice cards that can be included in nudges or alerts.

Alerts

  • Explore and use the templates in the 'Alert library'

  • Set and Forget (choose as many templates as you would like, and send out at regular intervals throughout the year)

  • Create or test emergency alert systems (in case of Ransomware attack)

  • Create new templates to use as part of a workflow (RESPOND only)

  • Consider which Alerts would be useful to support you in raising awareness of Cyber security, whilst reducing workload?

Culture

  • Enable the 2023 version of the culture assessment to gather organisational attitudes and sentiment towards cyber security.

  • Dig into the data in the culture reports (specifically culture dimensions and user characteristics)

  • Have the 'Insights digest email' toggled 'on'. This will send a weekly digest of any insights submitted by your teams.

Goals

  • Assign specific goals for behaviours you expect your people to be exhibiting

  • Create some company-specific custom goals

    Eg. 水I always check IDs of unknown people in my workplace水 is situationally dependent and in the physical environment.

  • Assign a goal to read and formally accept policies (e.g. AUP)

  • Do not overwhelm the users with multiple goals. Up to 3 maximum.

Learning

  • Enrol all users in compulsory core training (CybEssentials)

  • Add specific training to groups where needed (eg. 'Public Wifi (video) for you remote workers to ensure they are careful when using non-office WiFi)

  • Targeted learning campaigns based on specific risks posed to business functions

  • Auto enrolment in a learning campaign focusing on Phishing, when someone submits data in a phishing campaign.

  • Annotate content to add your organisations tone of voice & any additional specific guidance.

  • Add modules using 'Module builder' (additional bolt on package for CybSafe) to add learning modules with your custom content or content you have sourced elsewhere.

User messages

  • Worth checking this feature every few weeks to see if any new questions or insight has been shared.

  • Mark messages as 'read' if actioned

  • Reply directly to the person that raised the question by clicking the three dots and 'reply'.

Additional best practice guidance

  • Incentivise good security practices that you can track through that CybSafe platform

  • Use the security heroes leaderboard to drive good behaviours and also encourage people to engage.

  • Ensure stakeholders or colleagues that are keen to learn more about security, are aware of initiatives

  • Encouraging engagement with CybSafe:

    • Reference the CybSafe platform in newsletters and company comms.

    • Incorporate the platform into Cyber awareness weeks and Cyber Security events to drive people to log-in.

    • Plug in Teams/Slack collaboration channels with the 'integrations' tab (GUIDE+).

    • Use our seasonal content available in advice cards and nudges.


Did this answer your question?