Page 54 - Cyber Warnings
P. 54
1: Make sure they understand how a cyber security breach could affect the business
Cyber security is no game – a breach can be invited by the most innocent of oversights, but the
consequences can be devastating for your whole organization. You may suffer financial losses.
Your valuable digital assets and intellectual property could be compromised. Or your customers'
private data could be leaked, leading to fines and costly lawsuits. Any of these things can also
lead to an irreversible loss of trust or irreparable damage to your public reputation. And all it
takes is one careless act by a member of your team – leaving their laptop on a train, working
with sensitive files over an open Wi-Fi network, or clicking on a link in a phishing email. They
may not realize it, but by using memorable dates or family members' names in their passwords,
and revealing that information on social media or other online locations, your staff can unleash a
trail of evidence that allows smart hackers to place your entire business at risk.
2: Get everyone involved in cyber security
Just because someone is a manager or an IT expert, it doesn't mean that they won't make
mistakes that can compromise the safety of the company. Everyone needs to be educated on
cyber security – in fact, senior staff members have access to a greater range of information,
which makes them more attractive to potential cyber criminals. Your technical staff may have
the knowledge they need to remain secure, but they're also more likely to be targeted by savvy
hackers, who will know that they have greater access rights to your systems, networks, and
data. Because IT professionals know more, they can also become complacent, which is why
regularly reminding them of their responsibilities is no bad idea. Remember, it only takes one
person to make one mistake to put the whole company in a vulnerable position.
3: Have regular recaps on best practices for cyber security
You must make sure that training is a regular practice in your company. It's no good explaining
best practices when a mistake has already been made. This means educating new staff on the
risks, and also holding regular sessions where you remind workers of the ways in which they
can keep the company safe and update them on any new habits that they need to bring in. You
should also make resources available to your workforce in between training sessions, in the
form of information packs, forums where issues can be discussed, bulletins and opportunities to
speak to IT experts in the company who can remind them of their responsibilities and clarify
anything that they don't understand. You can make the information you provide interesting,
keeping it up to date with the latest news about cyber security breaches at other companies,
and discussion about how this affected those companies to reinforce how seriously this issue
needs to be taken. Another trick you can try is to introduce regular tests to ensure that the
advice you're giving is being taken on board.
4: Create clear-cut rules for online activity
If your employees have strict rules for how they browse the web, send emails, or use company
devices, they're more likely to follow them than if you give vague guidelines. Introducing a “safe
54 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
