This week is week 3 of National Cybersecurity Awareness Month (NCSAM). Each week of NCSAM is focused around a different theme meant to address specific challenges organizations face and identify how to address those challenges. Week 3 is focused around educating employees of the importance of online security and safety and their role in keeping your organization safe from online threats.
Even with all the great technology available to us today, our greatest security asset is still our employees. Our personal commitment to online security is becoming more important as the lines between our work and home lives are increasingly blurring. With the rise of BYOD and rapidly growing mobile workforce it’s crucial to be sure we are always adhering to smart cybersecurity practices – even when we aren’t connected to the corporate network.
64% of cyberattacks can be traced back to negligent behavior of an employee or contingent worker according to a recent study by Ponemon Institute. This isn’t to say our employees are acting maliciously, most employees are simply unaware or not vigilant of adversary’s tactics.
Below are a few best practices to keep your employees (and contingent workers) playing an active role in keeping your organization and your data secure:
- Awareness
Engage employees regularly with security awareness campaigns or best practices. Be sure to communicate new or advanced threats and how to identify potential threats. Knowledge and awareness are the crucial foundation to employee success in keeping your organization safe from cyber threats.
- Training
Host internal trainings to teach employees how to identify cyber threats and how to avoid and report them. Good trainings to consider are anti-phishing training and how to minimize your risks from other email and malware threats.
- Accountability
Good cyber-hygiene is not optional, it is something that must be mandatory for everyone. Review your cybersecurity and data protection code of conduct and best practices and have employees commit to be accountable to those guidelines.
- Advocacy
Develop and internal advocacy program. Ideally, all employees should be advocates of cybersecurity best practices. However, having a team who you can work with to cultivate a standard of security expectations who will act as internal champions for you will help keep everyone engaged and on board.
- Compliance enforcement
Enforce industry and internal policy compliance with targeted internal communications.
Ideally, all your employees will work as proactive security advocates. Realistically, we are human, and we all need reminders and refreshers of policies and best practices. With the right training and encouragement our employees are the best line of security we have for our business.
Written By: Eden Reid, LookingPoint Marketing Manager