You can tell your employees not to use their cell phones at work, but chances are they’ll use them when you’re not looking anyway. You can tell them not to download anything from an untrusted third party, and yet they’ll see a name they recognize and just go ahead and click anyway. Then what do you do?

Many companies will add a cybersecurity policy to their employee handbook and never talk about it again. That is a big mistake! Not only should you conduct extensive training on this topic with your employees, but you should also have them attend this training at least twice a year!

Data security training should shock employees enough that they realize human error is one of the leading causes of data breaches. Throw facts and statistics at them. Let them know that they play a very important role in the security of the company, and that a large part of data breaches are entirely preventable and are due to user error.

Verizon’s 2015 Annual Data Breach Investigations Report showed that 30% of staff-related email breaches were due to sensitive information being sent to the wrong recipients.

While many prevention tips may seem like common sense to us by now, we tend to get lazy and take shortcuts. Find a way to get your employees to kick their bad habits!

  • Educate employees about the types of cyber threats that exist so they know the warning signs and how each threat attacks.

  • Never share passwords (even internally) and don’t buy one of those Internet password notebooks to write down and manage your login information!

  • Never plug in a USB device without knowing its origin and expected content.

  • Lock your computer when you leave your desk even for a moment.

  • Check what is visible on your monitor before screen sharing in webinars or when someone else is nearby.

  • Never share emails that are not related to the work you are doing as they may contain malicious attachments.

  • The training should include the warning signs of a compromised system. Why? Once a system is breached, it is critical to remove the threat quickly to avoid data loss or a follow-up virus or worm.

The crucial takeaways are to implement cyber training with ALL employees (including C-suite) immediately, and to repeat the training at least twice a year, refreshing the agenda with new cyber threats, statistics and details that have come to light since the previous training.
