4 Ways Employees Can Help Prevent Cyber Attacks

How to Activate Employees to Take Information Security into Their Own Hands

If there was ever a time to reinforce the importance of cyber safety, it’s now. Experts believe countries and businesses who stand in the way of Putin’s military attacks could be at risk for cyber attacks, particularly those responsible for infrastructure and financial systems. That’s why in late February, the Cybersecurity & Infrastructure Security Agency (CISA) updated its "Shields Up" guidance saying organizations should be "laser-focused on resilience."

This is a defining moment for so many organizations to ensure protections are in place to ward off cyber attacks and protect intellectual property, continuity of operations, employee and customer data, and the communities around us.

During this time, we can help employees know their role and responsibilities to keep information safe.

Having worked with organizations on a range of information security communication campaigns, we’ve seen the power in simple, direct and creative communications on the topic. They can go a long way to helping employees understand information security risks and vulnerabilities and know what steps they can take to reduce risk.

4 Tips to Help Keep Your Company Information Secure

If you’re not already, talk to your teams so they know what and who you’re trying to protect, what they can do, and why it’s critical. Keep in mind these tips:

1. Make information security everyone’s job: With technology teams dedicated to information security and managing company technology assets and information security, it’s not always top of mind (or even bottom of mind) that every employee has a role to play.
2. Make the most serious topics memorable and actionable: Think about today’s version of the “loose lips sink ships” campaign. Make it simple, memorable and relatable. Help people know specifically what steps to take (do this and don’t do this). Make it approachable (think: video shorts or gamification) that are entertaining or even inject some levity in an otherwise serious topic.
3. Don’t assume it’s top of mind: The topic may be on your mind but that doesn’t mean others are thinking about it. Have a plan to communicate what needs to happen and why. Be clear about expectations, be consistent and communicate regularly over time. Remind, reinforce and create shared responsibility and accountability.
4. Make information security practices a ritual: If you need employees to take certain steps to keep information secure, turn it into a regular ritual or routine that’s as much a part of the schedule as a monthly staff meeting or a daily cup of coffee or tea.

These are scary times we live in and when so much can feel out of our control, we can help employees remember protecting what’s precious is in their hands.

When was the last time you talked with employees about what they can do to keep information secure in your organization?

—Kate Bushnell

If your employees don’t understand the role they play in reducing cyber security risks, we can help. Click below to contact us today!