Make your organization more security aware
- Date: 27 October, 2021
About 90 percent of all data leaks happen because of human error, research by Kaspersky points out. Avoid data leaks and make your co-workers Security Aware. How do you create Security Awareness in your organization? Global Knowledge gives tips.
Security Awareness isn't a top priority for most organizations, but no one likes to become the victim of a cyber attack. You can protect your organization by making your employees and co-workers security aware. We use the term Security Awareness for all activities we undertake to create this kind of awareness. Training courses, but also quizzes, assessments and simulations are good tools to use to make the people in your organization more security aware.
How come Security Awareness isn't a priority in all organizations? According to research by SANS, the main reason organizations don't have a Security Awareness policy, is because there isn't enough time to make or enforce one. Security Awareness isn't prioritized by most organizations and because of that, it's something security managers do 'on the side'.
Time has come to change this way of thinking. If your employees and co-workers become aware of online dangers, you can avoid data leaks and maybe even cyber attacks in the future. The blame culture that has started to exist because of the missteps of users will disappear - and work will be more enjoyable and less stressful too.
How do I make my organization Security Aware?
You want to make your team or organization aware of security threats. How do you do this? Global Knowledge gives four tips in this article.
- Don't make it too complicated
Security can be a complicated and abstract topic for some. This makes it difficult for people to be interested in it. Your story might become complicated or boring to them when you start talking about two-factor authentication, pen testing or the different security domains.
Just keep it simple instead. Explain your team that a safe way to log-in is an extra check in addition to your password, for example a code you receive via a text message on your phone. Avoid terms like two-factor authentication. You might know what you are talking about, but your colleague who doesn't work in IT doesn't have a clue. - Make it about them
Security can feel abstract to employees. What can they do against cyber criminals, right? Make your employees aware of their responsibilities and of the power they have by using examples from their world in your training. Make sure there is something they'll recognize from their own experience.
Give examples of phishing, show how easy it can be to become the victim Whatsapp-fraud and why a safe password is so important. - Turn your employee into the hero of the story
Your employee isn't the victim of the cyber criminal - he or she can be the hero. This is a different way of thinking: people are more interested in helping you if you make them the hero.
Make sure the message of your Security Awareness policy is: Will you become the hero that protects our organization? - Be creative
Security is serious business, but that doesn't mean learning about it can't be fun. Use Google's phishing quiz for example, or Global Knowledge's interesting Security e-Book.
Want to know more?
Are you ready to create Security Awareness in your organization? Read the interactive e-Book about cyber crime, written by Global Knowledge. In this e-Book, you learn more about the most popular cyber threats via text, podcasts, webinars and video's. Curious? Download the e-Book via the button below.
To write this article, the following sources were used: Techradar, SANS, Techzine, Security Intelligence.