October has been noted as “National Cyber Security Awareness Month,” sponsored by the Department of Homeland Security and the National Cyber Security Alliance.
This observed month and the recent string of cyber attacks on Equifax, HBO and Wimbledon are causing organizations to take notice. In fact, the Business Continuity Institutes’ most recent “Horizon Scan Report” notes cyber hacks and data breaches as the top two threats facing organizations.
It is clear that cyber attacks are on the mind of today’s workforce. Yet who is responsible for managing and maintaining cyber security resilience?
Business continuity managers, IT teams and senior executives often carry the weight of managing and maintaining security plans, however National Cyber Security Awareness Month emphasizes that every employee has a role to play in their organization's cyber security posture.
Planning and deploying a successful security awareness program that leads to real behavior change is so important since 70% of employees lack the awareness to stop preventable cybersecurity incidents.
The National Cyber Security Alliance offers helpful resources to protect your business, employees and customers from online attacks, data loss and other threats – and create a culture of cybersecurity at work. Here are a few key takeaways:
1. Set Strong Password Policies
Passwords are one of the easiest targets for cyber hackers leaving personnel, work related and customer data vulnerable. Set and share an organization-wide policy that recommends passwords:
- Be at least 12 characters long – this can include spaces, punctuation or numbers
- Differ from passwords used for other personal or work accounts
- Never includes something like the names of your children, pets or milestone dates
2. Conduct Staff Training
As hacking techniques adapt and become more advanced, mirroring genuine login requests, they can be harder for people to recognize. Make sure your employees are frequently educated on how to spot hacking attempts and illegitimate emails so you can avoid potential incidents.
3. Spread the Word
In addition to training, distribute frequent reminders about ways they can keep cyber security in mind. Facilitate internal communication by:
-Posting simple and actionable online safety tips around the office
-Incorporating tips into employee handbooks and newsletters
-Submitting security questions or reporting concerns via your company intranet site
4. Integrate Collaboration in Your Business Continuity Planning
Strong business continuity planning involves finding the right team of stakeholders to account for key assets, potential impacts and security gaps. Bringing together project managers, HR, communications and IT teams, is critical for defining who needs to be involved and responsible for initial and ongoing implementation of tasks. Involving key stakeholders can also generate buy-in and ongoing support of your cyber security efforts.
Creating a culture of cybersecurity is critical for all organizations ‒ large and small--and the responsibility of resiliency is shared amongst all employees. Use National Cyber Security Awareness Month as a reason to jump start your efforts.
For more great industry info, check out our free whitepaper:
Written by Assurance Software
Assurance Software takes your company’s enterprise-wide business continuity and resiliency program to the next level. With Assurance as your go-to partner for continuity and resilience, you can confidently mitigate risk, manage recovery, and safeguard your employees, customers, operations and brands.