When it Comes to Cybersecurity, Your Entire Team Needs to Be In-the-Know
If you’ve ever been the target of an online threat or scam, you know how infuriating it is. With one small click, your entire organization’s data and security can be compromised.
Cybercriminals are more savvy and sneaky than ever; according to the 2021 FBI
Internet Crime Report, there has been “an unprecedented increase in cyberattacks and malicious cyber activity,” with close to 850,000 internet crime complaints reported last year — an 81% jump from 2019. The ongoing war in Ukraine is anticipated to increase this risk, too.
As insurance professionals, we’ve seen even some of the most sophisticated safeguards against cybercriminal activity be thwarted by these “bad guys.” Multi-step data encryption, firewalls, password protection, security software – sometimes, it’s not enough.
Even if you have an IT arm dedicated to cybersecurity, it’s imperative that the entire company have regular, frequent training on the importance of staying safe online. Employees can make for easy targets. According to Verizon’s 2021 Data Breach Investigations Report, 85% of security breaches involved a human element.
If your people are of your company’s greatest assets, why not leverage your workforce in your cybersecurity efforts?
By infusing cybersecurity into your work culture, it helps drive secure behavior that ultimately, hopefully, will prevent hackers from tapping into your information.
So how exactly do you build a culture of cybersecurity? It’s less about a manual on how to avoid scams and more about dedicating resources to consistent reminders that it is everyone’s responsibility to keep the organization safe.
The MIT Sloan School of Management shares four actionable steps to drive culture change:
Give someone the title of “culture owner,” and have this be their job – to drive home the importance of cybersecurity messages among employees.
Use resonating language. Terms like “malware” or “phishing” may not really drive home an issue. Communicate in ways that mean something to your team.
Build multi-channel campaigns about cybersecurity. Engage with your employees by reaching them at various touchpoints – videos, emails, events, training, blogs, etc.
Include cybersecurity in employee training and consider rewarding employees for participating in culture change and adopting safe online behaviors (and consider extending consequences for undesired behavior, e.g., not participating in mandatory training).
Read more about ways to implement these steps in the MIT Sloan School of Management post here.
And remember, another crucial level of protection for your organization is to have a cybersecurity insurance policy in place.
This coverage helps protect your organization against the cost of broad, technological-related security breaches, such as risks incurred when a company’s computer or mobile device has been stolen; when a hacking has occurred; when someone improperly disposes of electronics; and with the negligent release of sensitive information.
Our team is here to help you make the most informed decisions for your coverage. Contact us to learn more about ways to further safeguard your business from cybercriminals.