How to Make Your Employees Care About Cybersecurity: 10 Tips
Anyone can be a victim of cyberattacks. Personal users, employees, leaders, partners and vendors, and entire organisations are at constant risk of a cyberattack.
With workplaces and work becoming increasingly virtual, cybersecurity incidents have risen multi-fold. Data theft, virus attacks, ransomware attacks, money laundering- numerous cybersecurity incidents have costed companies and damaged reputations. Hence cybersecurity at work takes on renewed importance.
Why is Cybersecurity Important?
Cybersecurity threats at a global level are increasing. According to Cybersecurity Ventures, global annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion annually by 2021. Moreover, it is not just computers that are being targeted. The growth of smartphones and Internet of Things devices is opening new destructive avenues for cybercrime. This is alarming and if not controlled, will lead to monetary and reputational damages both for individuals and organizations. Hence, it is projected that cybersecurity spending will exceed $1 trillion globally over 2017 to 2021. The situation in India is not good - India ranks 23rd on the Global Cybersecurity Index 2017. This index measures the commitment of nations across the world to cybersecurity. This means we have a long way to go.
Who is Responsible For Cybersecurity?
Anyone can be a victim of cyberattacks. Personal users, employees, leaders, partners and vendors, and entire organisations are at constant risk of a cyberattack. In organisations, the implementation and adoption of cybersecurity tools and techniques may lie with the IT department, or with the management. However, every individual is a user of technology these days, and hence is responsible for preventing cyber. It is therefore important to involve everyone in an organisation with cybersecurity. Here are few cybersecurity tips for employees to contribute in a safe and secure virtual world.
- Create Cyber Awareness: Incorporate a cybersecurity awareness training for employees in the onboarding process to ensure every employee is aware and acknowledges the threat. Organise computer security training for employees with periodic refresher courses.
- Provide “Live Fire” Training: This is a live simulation of a cyberattack outlining the course of action to be taken by various affected and unaffected parties. Share information on the escalation matrix, when to report what, and who is to play what role depending on the type of attack. This live training helps employees learn better so that they can better tackle such an incident.
- Communicate: Build a continuous communication campaign through various channels- emails, street plays, bay walks, notices, videos etc. Talk about what cybersecurity is, types, impact, etc. to prepare people for an event.
- Design a Policy And Plan: Much of work today is location-agnostic. We have employees carrying their laptops home and accessing company data remotely. An organisational cybersecurity policy governs usage restrictions and behaviors of employees such as what devices can be used with what security level. Ensure employees adhere to the policy through periodic system checks.
- Create a Culture of Security: Encourage people to report even the smallest of anomalies in their systems. Appreciate those who report unscrupulous cyber-behavior by colleagues. You may assign a cybersecurity culture advocate at every department to drive this.
- Connect to Home: Employees are as susceptible to cyberattacks in their personal lives as in their professional lives. For employees to really care about cybersecurity emotionally, emphasize how cybercrime can affect their family too, and teach them how to prevent it in their personal lives too. They may share this information with their loved ones and the world can be more cyber-aware.
- Reward For Right Behaviors: Design a reward and recognition program centred on cybersecurity. For example, appreciate employees who recognise and report phishing emails.
- Walk The Talk: Leaders in the organisation must live the cybersecurity values and way of life themselves and act as role models. Only then will employees believe in the cause of securing cybersecurity.
- Continuous Learning: Live and show a continuous commitment. The means of cybersecurity are constantly evolving, so it is important to help employees stay up-to-date. Develop a culture of continuous learning amongst your employees.
- And lastly, empathize: Anyone can be a victim of cybercrime, often unknowingly. Leaders must empathize with those who make mistakes and encourage them to learn and develop themselves for a better future. For example, employees send hundreds of emails a day, so it may be difficult to pinpoint that one destructive email. Rather than condemn, build capability and an attitude of scrutiny in your teams.
These cybersecurity tips and tricks can go a long way in preventing an incident rather than curing it.
Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house
Around The World