March 1, 2023
If you work in IT, the idea of a data breach is probably a lot spookier than some ghost invading the data center. October is Cybersecurity Month in the United States, and organizations like the FBI, the National Cyber Security Alliance, Sophos, and others are promoting secure digital practices for home users and businesses. It’s the perfect time to reevaluate your approach to cybersecurity and make sure you’re cultivating a culture of cybersecurity.
With ransomware continuing to spread at an ever more rapid clip and the cost of IT system downtime hitting over $1 million for the average enterprise, you can’t afford to lose productivity to viruses, malware, or stolen intellectual property. Here are some quick tips to help foster secure digital practices in your workplace.
You don’t want to get overly scary, even if it is the Halloween season. Workers are more likely to make fun of you for being dramatic if you’re too heavy-handed with the examples of cyber threats. But you do need to make sure employees understand how real digital threats can be.
This will probably involve getting some kind of higher-up support from executives or the C-suite, as their advice carries more weight than a communication from “someone in the IT department.”
Point out the overall cost to businesses (which can be in the millions for large enterprises, and the hundreds of thousands for small businesses). Stress different attack angles for different departments: show your finance team these overall costs, or how e-mail spoofing is used to obtain wire transfers, and show lower-level employees phishing or social engineering attacks, like a preloaded USB stick left around the office waiting to be plugged in by an unsuspecting mark.
Once employees know about the risks, they’re likely to go ahead and forget about them or ignore them for the sake of convenience. Writing passwords down and keeping them short is easier, after all!
Leverage your internal communications team to keep awareness around cybersecurity practices high with regular communications, notifications about breaches in your industry, and public announcements via posters, e-mail, or meetings. When a major zero-day vulnerability comes out, or just periodically throughout the year, remind everyone they should be updating their software regularly.
Don’t just broadcast, though. Get employees involved with competitions, mandatory trainings with rewards, or public callouts, either for screw-ups or congratulations.