Information Security Awareness & The Need for a Security Conscious Workforce

At Bob’s Business, we understand that information security isn’t always at the top of your to-do list. Would you reconsider your priorities if you knew that cyber security is the one thing that could bring an entire organisation to a halt in a matter of minutes!?

There are three main risk areas within your business: physical intrusion, technical vulnerability and human error. The key to remaining secure is ensuring you have an in-depth understanding of how all three areas can be targeted. For example, you can spend a fortune on IT protection, but it only takes one member of staff to make a mistake with your company systems or sensitive information and your IT protection amounts to nothing. It is crucial that your employees are clued up on how to keep the information and systems secure.

Human error remains one of the biggest security threats within an organisation. Critical security mistakes can be easily avoided through investment in and reinforcement of your human firewall.

90% of all malware requires human interaction before it can infect its target

Information security is a hot topic amongst organisations and, although awareness is steadily increasing, internal awareness must be encouraged to improve the safety of your business and its valuable data. While malware is only a fraction of the risk that an organisation faces, the statistic above shows that 90% of all malware requires human interaction before it can infect its target. This is why security-conscious employees are paramount to preventing security breaches.

Complacency is the number one enemy when it comes to maintaining information security and awareness. If an individual is not educated and informed that security is their responsibility and part of their duties, they see it as someone else’s responsibility, and don’t take the necessary precautions. It’s a fact that information security awareness is most effective if every employee understands their responsibilities and duties to protect the business. The first step you should take is educating employees and providing them with training that explains their responsibility, the risks, and what they can do to keep information secure, protecting them both in the workplace and at home.

Here are some of Bob’s top tips for effective cyber security awareness within the workforce:

– Employ regular information security training for all staff, to keep them in the know and aware of risks and duties.

– Define roles and responsibilities with regard to managing the risks; this ensures staff know what to do and why.

– Ensure awareness is kept up to date and repeatedly covered. It’s not a case of set-and-forget; it works best if enforced on a regular basis. Keep it varied and interesting though.

– Make it clear that everyone gets involved, and this includes management! When it comes to information security it’s important that everyone keeps up to date and is seen to be getting involved!

– Just like fire drills, rehearse the scenarios before you encounter them. For example, we offer simulated phishing attacks to create real-life examples of breaches, and highlight just how important awareness training is.

– Ensure you have harm reduction plans in place. In the event of a breach, you want to be able to take measures to reduce the damage quickly and effectively, and this is much easier if everyone is on board.

Bob’s Business specialises in building and strengthening your human firewall with our Information Security Awareness Training: an online suite of 24 bite-sized modules which are engaging and jargon-free. All of the course content is aligned with best practice methodology outlined in ISO/IEC 27001/2, PCI DSS, PSN (Public Service Network) and the Data Protection Act. If you would like to secure end-user behaviour and tackle compliance in an engaging way, get in touch.

Below are a few useful links:

Bob’s Business – Free SME Guide to information security: https://bobsbusiness.co.uk/blog/entry/smes-guide-to-information-security/

Security education – Searching for innovative ways to engage our teams – https://securityprofession.blog.gov.uk/2015/09/16/security-education-searching-for-innovative-ways-to-engage-our-teams/

Get Safe Online – Business Security Planning: https://www.getsafeonline.org/rules-guidelines-and-procedures/business-security-planning

If you wish to try one of our modules free, try our Perfect Passwords demo here: http://bobsbusinessdemo.bobsbusiness.co.uk/users/sign_up or contact us to try our full suite of 24 modules.
