There is no doubt that Cyber Security has become an essential component of every business today. Online attacks are on the rise and it is important to protect your workforce, clients and business. Did you know studies are showing that the average website is attacked 94 times per day?
Here are some of our strategies in creating a cyber security culture.
Make it part of regular conversation
When we are back in the office, put up a few posters, add it as a line item to talk about in weekly huddles, share articles with your team regularly, run internal phishing tests, ask team members if they have received any suspicious emails recently. Keep talking about it so it is at the forefront of everyone’s minds and being vigilant becomes a normal part of business.
Introduce Quarterly Cyber Security Training
The biggest weakness in cyber security is human error, unfortunately phishing emails are often difficult to spot, so it is no wonder people fall victim to them. Your best defense here is awareness, introducing quarterly cyber security training can be the difference in falling victim to a cryptolocker attack vs. a malicious email simply being deleted. Training can be inexpensive, and quick! We have a free cyber security training video available online, watch it here.
Enforce Strong Passwords
This is a simple measure that is available in most email platforms. Check out the settings in your apps or ask your IT support team to and enforce complex passwords. If you can’t enforce them, education is your best defense here as well. Educating staff on why you should use complex passwords, and how it can be easy to manage them through password managers like LastPass.
Enforce Multi-factor Authentication
Multi-factor Authentication is available in almost all major business applications, for us it is a non-negotiable to have it switched on. It’s generally available at no extra cost and is a very effective defense measure. You can even set it up for shared accounts if you are using a password manager, or by setting up an authentication app like Microsoft Authenticator.
Create a Team chat channel for cyber breaches, or attempted attacks. In your weekly huddles talk through a phishing email and ask your staff to point out any obvious signs that show it is a malicious email. You want to be sharing so the notion ‘we’re too small to be a target’ or ‘it won’t happen to us’ goes, and people become more vigilant. Often senior executives are the target of spear phishing attacks, as an executive in your business, share these emails, it will help people to feel comfortable in sharing their experiences.
IT Support Visits
Organise a regular walk around with your IT support team to talk to your staff about any concerns they might have, and to advise them of the latest security trends.
Run a Cyber Security Week
The government's 'Stay Safe Online' program runs a Cyber Security week once a year where there are lots of webinars, events, and other educational activities happening, all with the aim to increase awareness of cyber security. Run one for your business, make it fun with food, games and prizes. You could even run a security related Kahoot quiz!
Want some help creating a Cyber Security culture? Give our Account Management team a call, they are experts in building security centered cultures!