Cybersecurity Training for Employees
With workplace cyberattacks on the rise, industry experts are pressing businesses to train their workers to be more vigilant than ever to protect passwords and sensitive data and to recognize threats.
It is imperative for organizations of all sizes to instill among employees the critical role they play in keeping their workplace safe and secure. Dell recently released the Dell End-User Security Survey that found that 72% of workers are willing to share confidential company information without regard for proper data security protocols. The survey was conducted online in late February and early March with results from 2,608 professionals in companies with more than 250 workers.
Cybersecurity education needs to be an integral part of the workplace culture. Cybersecurity education doesn’t mean hosting a one-time course or seminar; it means making security a collaborative, continuous cultural initiative. Creating a security culture at a company can be complicated. The survey found that 65% of employees recognize their responsibility to protect confidential information, but many said security programs limit their productivity. Of those who received cybersecurity training at work, 24% admitted they went ahead and used unsafe behaviors anyway in order to complete a task.
There is a balance between protecting your data and empowering employees to be productive. Data security needs to be the top priority while maintaining productivity. It’s a difficult task that requires companies to create simple, clear policies that address potential breaches.
The survey found that unsafe behaviors for accessing, sharing and storing data are common in the workplace. Forty-six percent of employees admitted to connecting to public Wi-Fi to access confidential information, while 49% admitted to using a personal email account for work tasks. The survey found 35% said it was common to take corporate information with them when leaving a company.
As the Dell survey clearly indicates, there is still much work to be done regarding cybersecurity education and training for employees. The trend we are seeing is one of creating a culture of cybersecurity within an organization, which means taking cybersecurity best practices out of the IT department and bringing them into the risk management discussion. Effectively responding to cyber threats is relatively new on the list of day-to-day business practices — so it will take some time to establish and instill widespread organizational change.
Some of the things you should be talking to your employees about are:
- Rules for keeping a clean machine, including what programs, apps and data that workers can install and keep on their work computers;
- Best practices for passwords, including making them long and strong, with uppercase and lowercase letters, numbers and symbols, and changing them routinely;
- Throwing out suspicious links in email, tweets, posts, online ads, messages or attachments—even if they know the source;
- Remembering to back up work, based on the policies of each company;
- Speaking up if they notice strange happenings on their computer.
DNV can help you design a training program that will not be a once a year update for your employees, but a daily reminder of how they can help in the fight to keep your information secure. We will help you empower your employees so they can remain productive and secure. If you would like to discuss having DNV develop a custom Cyber Security Training Program for your company, please contact me at craig.reeds@dnvgl.com or 480-524-4840.