DIGITAL GROWTH
Get your staff on board with cyber security
For many employees, cyber security awareness starts and ends with an annual or six-monthly brief about best practice. Seen as a necessary evil, this routine approach often fails to drive home the important role that people play in your defence against cyber-related crime.
THE PROBLEM AT HAND… A strong cyber security culture can be your most effective tool against cyber threats and by far the cheapest. Most cyber threats are designed to trick a careless or ill- informed user, which is typically the easiest way around any security system. According to the Cyber Security
Breaches Survey 2017, the most common type of breach experienced by UK businesses were; • Staff receiving fraudulent emails (72%)
• Viruses, spyware and malware (33%)
• People impersonating the organisation in emails or online (27%)
• Ransomware (17%)
PEOPLE AND CULTURE – THE CURE? Cyber security culture should not be left to chance, so you must encourage it, engage and maintain it. One meeting every six months tells your staff that’s how much
they should think about cyber security; a couple of times a year. Likewise, bumping IT security issues and questions straight down to the IT team tells your staff that cyber security is IT’s job, not theirs. Here are some ways to attain a
culture where staff are actively protecting your company from cyber attacks:
1. Bring everybody to the table From the CEO to the office and shop floor, inclusion is key to creating an effective cyber security culture. Cyber security affects everybody so everybody needs to be engaged.
2. Education, education, education Even though a lot of people think they are fool-proof, research shows that they’re not always as difficult to trick as they might think. Many cyber attacks and phishing scams rely on human error, using a technique known as social engineering. It is therefore of great importance to educate everyone on cyber security. A business-grade email security solution can also support user-awareness.
3. Reward and recognise good practice Consider a small bonus relating to cyber security best practice. It’s a great way to let staff know that you view cyber security as importantly as their day-to-day work targets. You may wish to include checks on basic security measures such as
locking screens when not in use. Flagging up suspicious emails and running penetration tests might be additional measures you could try.
4. Break it down Ditch the general meeting - the idea of online security seems big and scary to some people. To cater for everyone, try doing shorter and more regular meetings in smaller groups. Alternatively, webinars and eLearning platforms are a convenient way to reinforce awareness.
5. Reinforce, upkeep and encourage It takes time for change to take hold, you won’t fix it all in a month and you certainly can’t expect it to stick straight away. Talk to staff and
ABOUT THE EXPERT
Sam Reed is Chief Technology Officer of managed ICT service provider Air-IT. He is also a certified GDPR practitioner and has been appointed Head of Air-IT’s new specialist cyber security division, Air- Sec. Sam is one of the Digital Growth Programme’s expert consultants and delivers a number of practical Cyber Security and Cloud Computing workshops and seminars that support and equip SMEs with the knowledge of how to make small businesses cyber resilient.
Free digital events you may be interested in…
The Digital Growth Programme is an exciting project offering free digital support to SMEs across Derbyshire, Nottinghamshire and Leicestershire to grow through utilising digital technology. The programme delivers a number of free digital-focused awareness-
raising seminars and action-planning workshops to provide you and your business with the latest digital knowledge and techniques.
DERBYSHIRE AND NOTTINGHAMSHIRE 19 July: Protect and Prepare: Secure Your Business - Mansfield 25 July: Getting Ready for Cyber Essentials - Nottingham 22 August: Getting Ready for Cyber Essentials - Derby 23 August: Protect and Prepare: Secure Your Business - Erewash 30 August: Improving Productivity with Cloud and Mobile Working - Mansfield
66 business network July/August 2018
LEICESTER AND LEICESTERSHIRE 14 August: Protect and Prepare: Secure Your Business - Leicester
16 August: Improving Productivity with Cloud and Mobile Working - Leicester
21 August: Getting Ready for Cyber Essential - Leicester 11 September: Getting Ready for Cyber Essentials - Oadby and Wigston
18 September: Protect and Prepare: Secure Your Business - Oadby and Wigston
To book your place visit
www.d2n2-digital.co.uk (if based in Derby, Derbyshire, Nottingham or Nottinghamshire) or
www.leics-digital.co.uk (if based in Leicester or Leicestershire).
see what they think will benefit them most. You will then need to ensure that managers and team leaders are actively encouraging and upholding your regime. You should also look to introduce an information security policy and have people agree to its terms. Make sure you include the details in new employee induction plans to get them on board from the get-go. Whether you consider yourself
high risk, tech-savvy or well equipped, the reality is UK businesses are low hanging fruit. Doing nothing is not enough to
protect your business, so it makes sense to educate your staff in line with ICO expectations.
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74 |
Page 75 |
Page 76
