How to Activate Employees to Take Information Security into Their Own Hands
If there was ever a time to reinforce the importance of cyber safety, it’s now. Experts believe countries and businesses who stand in the way of Putin’s military attacks could be at risk for cyber attacks, particularly those responsible for infrastructure and financial systems. That’s why in late February, the Cybersecurity & Infrastructure Security Agency (CISA) updated its "Shields Up" guidance saying organizations should be "laser-focused on resilience."
This is a defining moment for so many organizations to ensure protections are in place to ward off cyber attacks and protect intellectual property, continuity of operations, employee and customer data, and the communities around us.
During this time, we can help employees know their role and responsibilities to keep information safe.
Having worked with organizations on a range of information security communication campaigns, we’ve seen the power in simple, direct and creative communications on the topic. They can go a long way to helping employees understand information security risks and vulnerabilities and know what steps they can take to reduce risk.
4 Tips to Help Keep Your Company Information Secure
If you’re not already, talk to your teams so they know what and who you’re trying to protect, what they can do, and why it’s critical. Keep in mind these tips:
- Make information security everyone’s job: With technology teams dedicated to information security and managing company technology assets and information security, it’s not always top of mind (or even bottom of mind) that every employee has a role to play.
- Make the most serious topics memorable and actionable: Think about today’s version of the “loose lips sink ships” campaign. Make it simple, memorable and relatable. Help people know specifically what steps to take (do this and don’t do this). Make it approachable (think: video shorts or gamification) that are entertaining or even inject some levity in an otherwise serious topic.
- Don’t assume it’s top of mind: The topic may be on your mind but that doesn’t mean others are thinking about it. Have a plan to communicate what needs to happen and why. Be clear about expectations, be consistent and communicate regularly over time. Remind, reinforce and create shared responsibility and accountability.
- Make information security practices a ritual: If you need employees to take certain steps to keep information secure, turn it into a regular ritual or routine that’s as much a part of the schedule as a monthly staff meeting or a daily cup of coffee or tea.
These are scary times we live in and when so much can feel out of our control, we can help employees remember protecting what’s precious is in their hands.
When was the last time you talked with employees about what they can do to keep information secure in your organization?
—Kate Bushnell
If your employees don’t understand the role they play in reducing cyber security risks, we can help. Click below to contact us today!
About Kate
Kate is President & Head of Client Service at The Grossman Group and leads the team of thoughtpartners™ to deliver innovative and strategic communication solutions for clients that address their everyday and defining business challenges. She's worked with leaders across a variety of functions and industries, including Astellas, Hillrom (now a part of Baxter), Kohler, Lockheed Martin, SC Johnson, The Hartford, and Tecomet, among others. Connect with Kate on LinkedIn.
Tag(s):
Internal Communication
Other posts you might be interested in
View All Posts
Internal Communication
2 min read |
September 12, 2022
How to Reboot Your Communications Plan in Less Than a Day
Read More
Change Management
3 min read |
June 21, 2021
Times of Change Call for Increased Levels of Communication and Courage
Read More
Featured
3 min read |
November 7, 2023
Comments on this post