EDITOR ’ S QUESTION
Cybersecurity is no longer a nice-to-have ; it ’ s essential for your employees ’ overall digital experience .
While the latest cybersecurity technologies can help to detect nefarious activity and contain and neutralize threats promptly , they don ’ t completely immunize organizations from being compromised .
It begins with awareness – and that begins with training . Not once or twice but continually for all employees .
Those which don ’ t embed cybersecurity awareness in their corporate culture are leaving themselves open to risks that technology alone may not necessarily be able to identify or contain . This is particularly the case if workforces are remote or highly mobile which many are today .
Embedding security awareness in employees is a low-tech way to lower the everyday risk posed by the human element and ensure that you ’ re providing the optimal digital workplace in a tight labor market .
Social engineering attempts are less likely to be successful if staff are taught to consider the security implications of responding to unusual emails and to think twice before clicking on links without attempting to validate their authenticity .
Other lax practices which can end in tears include the transfer of data to portable storage devices and the uploading of sensitive documents to private cloud storage . A culture where careless acts like these are eschewed and caution and vigilance are encouraged and rewarded can reduce the risk significantly . That doesn ’ t mean fostering an atmosphere of suspicion in which staff feel obliged to police their colleagues and watch their own backs . What ’ s needed is a collective commitment to work together to keep company systems as safe as possible .
– and that begins with training . Not once or twice but continually for all employees .
Introducing cybersecurity training as part of the onboarding process for new hires and holding regular refreshers , for everyone from the CEO to frontline staff , creates the awareness that can foil opportunistic phishing attempts and social engineering attacks .
Making training sessions interesting and engaging will up the odds of the messages sticking . In addition , an element of friendly competition – via gamification or an awards program for cybersecurity ‘ champions ’ who flag and share security threats – can encourage staff to stay alert to scams and security slip-ups .
It can also be helpful to create an information hub where security protocols and tips can be posted and employees can share experiences and questions .
The threat posed by hackers and cybercriminals is real and rising and the fall-out from a successful attack or a major data breach can be damaging and very expensive .
Those organizations which foster a culture where employees are alert to the dangers and mindful of the way they engage with systems and handle data stand a better chance of providing their most valuable asset – their people – the best digital experience . p
So how can organizations go about fostering this culture and commitment ? It begins with awareness
JOANNE WONG , VP INTERNATIONAL MARKETING , APAC AND EMEA , LOGRHYTHM
www . intelligentcio . com INTELLIGENTCIO APAC 35