How to make your employees care about cybersecurity
“If we look at security breaches over the last five to seven years, it’s pretty clear that people, whether it’s through accidental or intentional introduction of malware, represent the single most important point of failure in terms of security vulnerabilities,” said Eddie Schwartz, chair of ISACA’s Cyber Security Advisory Council.
There are 10 tips for helping all employees understand cyber risk and best practices:
1. Perform “live fire” training exercises. Conduct regular phishing tests.
2. Get buy in from the top. “you have to have line items in the budget for people, hardware, or software, year over year”.
3. Start cyber awareness during the onboarding process. Safety training from the first day.
4. Conduct evaluations. Evaluation of both employees and the system.
6. Create a formal plan.
7. Offer continuous training.
8. Stress the importance of security at work and at home.
9. Appoint cybersecurity culture advocates.
10. Reward employees.
By the above it is said that when a user makes a mistake and clicks on an email that causes an infection, this is the reason, but in fact – the organization was attacked when an attacker sent an email before it was opened.