If you want to boost your awareness of hacking threats and cybersecurity, you can attend a tech seminar, read a white paper or consult an IT professional.
Or you can watch a cartoon written by an Emmy-winning scriptwriter and featuring Hollywood voice actors. That’s the approach taken by the California company Ninjio, which produces animated episodes that highlight principles of safe computing. Each episode is three to four minutes long and based on an actual, real-life breach or hack. New episodes are released every 30 days.
Ninjio’s CEO says the inspiration came a few years ago, when he asked himself a simple question:
“If I wanted to be educated on security threats, what format would lead to the greatest engagement, and therefore the greatest results?” says Zack Shuler.
The answer came in the form of producing high-quality, entertaining videos – each of which take approximately 200 hours from conception to completion – with scripts penned by Bill Haynes, who has written for Hawaii Five-O and CSI.
See a sample Ninjio video here.
The Human Factor
Most cyber crimes are the result of human error, not systems failure. This fact was impressed upon Shuler through 20 years of responding to hacking events.
“[T]he breach began with an unsuspecting end-user who was curious and uneducated,” he writes on his website, describing the usual scenario. “Technology was a great answer for most of it, but not all of it. There had to be a way to educate people.”
The “Homeless Homebuyer” episode, for example, depicts a real estate deal gone terribly wrong because of an email scam. The would-be homeowners wind up with no money and no dream home – all because someone clicked on a bogus email in a high-risk, online cash transaction.
The video – which mirrored an actual scam that happened in Hendersonville NC – caught the eye of cybersecurity blogger Brian Krebs, who praised Ninjio’s custom, gamified security awareness training videos.
From E-Signing to Sideloading
“Each episode emotionally connects with your user in the first scene keeping them engaged throughout the entirety of the episode,” says Shuler. “The non-fiction component brings the story closer to home and helps to eliminate the thought of ‘This can never happen to me.’ We use
story-based learning that engages the user and makes the lesson more memorable and effective. We don’t lecture and thus we keep them awake!
Here is a portion of the 2017 Ninjio broadcast season lineup:
· January: “Cyber Oil Warfare” – Badge surfing, clean desk
· February: “The Homeless Homebuyer” – Real estate wire fraud
· March: “Slippery Sideloading” – Mobile device sideloading
· April: “IOT gone Wild: - Internet of Things
· May: “The Ransomware Pyramid” – Popcorn time ransomware
· June: “My Password is Password” – Weak and recycled passwords
· July: “156 Alarms” – Spear phishing
· August: “Electrosign” – Business email compromise
How do you educate yourself and your staff on cybersecurity issues?
For more by Jay Reeves, be sure to check out our monthly Put Into Practice newsletter.
· Ninjio Ninjio https://ninjio.com/ · Ninjio video “The Homeless Homebuyer” https://youtu.be/ToUEr4X1WgU · Krebs on Security https://krebsonsecurity.com/2017/04/blind-trust-in-email-could-cost-you-your-home/