Cyber Awareness Training Case Study – Melbourne and Olympic Parks Trust

April 10, 2020


Cyber Partners delivered a comprehensive cyber awareness and phishing awareness programme for Melbourne and Olympic Parks Trust (MOPT) which is the custodian and operator of Melbourne’s unique city-centre sports and entertainment complex and includes some of Australia’s most iconic sporting venues.

MOPT’s 40-acre site is home to the Australian Open Tennis and puts on more than 600 events annually attracting 2.5m people at stadiums including the Rod Laver arena and Melbourne Arena. MOPT hosts rugby, football, rugby league, netball, basketball, cycling and gymnastics; while also staging the highest calibre of artists and shows, such as Katy Perry, One Direction, P!NK, Beyoncé, The Rolling Stones, Bruce Springsteen and Disney on Ice.

With huge public foot traffic through the park, reliance on information management systems is extensive and at times, and during high profile events in particular, the organisation experiences extensive cyber attack in all forms – including on its staff.

With the clear goal of building awareness and resilience, Cyber Partners delivered a six-month-long program of cyber awareness training to every member of the MOPT team, from the CEO to the grounds staff, all of whom use information systems as part of their every-day work.

Initially we benchmarked likelihood of the 150+ staff members clicking on suspicious emails by using a phishing simulation platform to test existing levels of awareness and susceptibility to falling victim to phishing emails. Once we had the benchmark established as a % of staff, we then engaged in a series of face-to-face training sessions over two days to deliver cyber awareness training to every member of staff. Sessions were rapid, informative and entertaining – delivered to small groups in 45-minute sessions, back-to-back over the two day period.

We followed up over the next five months delivering periodic phishing simulations which delivered training content in the form of rich media and web pages to staff that inadvertently clicked on unsolicited URLs. This was supported with access to training materials, awareness reminders, posters, learning management system content.

Over time, the number of staff clicking on phishing emails reduced rapidly, delivering significant benefits to MOPT in reduced network and user machine malware intrusion, higher productivity, improved safety culture, less machine downtime and increased adherence to organisational policy. The successful outcome was to increase organisational resilience and make sure that MOPT staff were equipped to perform their frontline role in protecting the organisation, and themselves, from falling prey to cyber attack.


Related articles