3 Tips for a Stronger Cybersecurity Culture
Each year in October, the National Cybersecurity Alliance observes National Cybersecurity Awareness Month. While it’s easy to think cybersecurity should be left to the IT department, the reality is that it’s everyone’s responsibility – from the IT professional to the CEO.
Does your company have a strong cybersecurity culture? Here are three basic tips to help make safer technology practices a habit.
Create stronger passwords: Passwords are among the lowest hanging fruit your company can go after. Your employees likely have access to hundreds of clients’ sensitive data. The last thing anyone wants is a weak password creating a massive data breach that exposes your clients – and could cost you business. Ensure employee and company passwords are at least 12 characters, with a combination of upper- and lowercase letters, with a unique symbol or character. Employees should also change their password every few months.1 Get a few expert tips on password security in this podcast episode from Unit 42 of Palo Alto Networks, a global cybersecurity company.
Think before you click: Did you know 92 percent of malware – software intended to damage your computer system – is still delivered by email2? The most common method is phishing. Victims receive an email from what looks like a trusted source – a vendor or a bank, for example – asking them to download an attachment or click a link. Once clicked, the malware is released. Remind your employees to think before they click – were they expecting an invoice from a vendor? Does the wording of the email sound odd or unusual? If they’re unsure, it may be best to connect directly with the source to confirm if they really sent it.
Invest in training and make it fun: Companies worldwide are expected to collectively invest $10 billion dollars on security awareness training for employees by 20273, and with good reason. On average, 25 percent of employees fall for phishing scams more than once4. When it comes to training, it’s smart to make it interactive or game-like. According to Forbes, 77 percent of employees find “gamified” training options more effective than traditional methods5.
1 Tech Radar, “5 Tips to Protect Your Business from Cybersecurity Threats”
2 Verizon, "2018 Data Breach Investigations Report"
3 Cybersecurity Ventures, "Security Awareness Training Explosion"
4 Verizon, "2017 Data Breach Investigations Report"
5 Forbes, “Why You Should Gamify Your Cybersecurity Training”