Building cybersecurity awareness: A month of engagement and learning
This October marked Deriv’s cybersecurity awareness month, featuring a comprehensive programme of activities designed to engage employees across all levels and departments. The month-long initiative combined practical demonstrations, expert insights, and interactive challenges to strengthen our security-first culture.
As a global online trading platform handling sensitive financial data, we recognise the need for a strong security culture to protect our clients’ interests and maintain their trust. We want every employee at Deriv to be armed with the knowledge and tools needed to be an active participant in our security practices.
The three pillars of our security awareness campaign
1. Interactive learning sessions
Our live hacking demonstrations - "Hack Me If You Can!"- showed our employees how a single click could compromise sensitive data and enable remote webcam access. We complemented this with “The Inside Man” series from KnowBe4, which presents security concepts through compelling storylines, seeing increasing engagement throughout the month.
2. Expert knowledge sharing
Industry leaders shared invaluable insights throughout the month:
- Digital Operational Resilience Act (DORA) Regulation
- Cloud security and emerging threats (AWS)
- Threat detection and incident response (AWS)
- Current threat landscape (CrowdStrike)
- Breaking defenses and offensive security (Adversary Village)
3. Engaging competitions and global participation
We made security learning interactive and fun through:
- Capture The Flag cybersecurity challenges with over 400 participants across departments
- Weekly Secure Code Warrior challenges with themed 'Cybermons' or monsters symbolising common software vulnerabilities
- An engaging security-themed illustrations contest that generated 100+ creative entries
Our global offices supported these initiatives with security awareness posters, creating a consistent reminder of security best practices across all locations.
Sustaining our cybersecurity culture
While October’s focused activities have concluded, cybersecurity remains a daily priority at Deriv. The awareness month has provided valuable insights and feedback that will help shape our future security initiatives and training programmes.
Want to learn more about how we approach security at Deriv? Check out our other tech blog posts and explore our career opportunities in cybersecurity.