Don’t Hide. Talk Successfully to Your Employees About Cybersecurity Issues

by

October 9, 2019

The biggest threat (at least in my opinion) to an enterprise’s cybersecurity health is the people that work there. That’s not a knock on anybody, it’s just an unfortunate truth. People often have a lot to worry about and unfortunately, cybersecurity often falls to the wayside.

Whatcha’ gonna do? Am I right?

 

I’m not right. Nobody should shrug their shoulders and give up when it comes to the topic of cybersecurity and educating people regarding it.

It’s why this article from Forbes caught my attention: https://www.forbes.com/sites/forbesagencycouncil/2019/10/09/using-internal-communications-to-engage-employees-in-cybersecurity/#7b15181654f4

It’s worth the read and definitely lays out some good ideas. The article’s main talking points include:

  1. Showing employees possible cybersecurity scenarios they might find themselves wrapped up in. If you’ve ever tried to tell somebody not to do something it’s often followed up by a blank stare and a sort of sneer before they do exactly what you told them not to. Same works with educating people regarding Cybersecurity matters.

    It’s always better to provide examples and hypothetical scenarios when it comes to educating someone rather than just telling them not to do something when they don’t have a clear idea on what it is they’re actually trying to avoid. 

  2. Test their cybersecurity knowledge in a friendly manner. Hold quizzes or contests where an employee is asked true/false questions. Don’t penalize them for getting the answer wrong, instead give them the correct answer and educate them as to why it’s the better choice.
  3. Be funny. Use humor. I like this one a lot. I try to be funny. Sometimes I succeed (though I’m fairly certain it’s my sense of humor that will guarantee I’m never employee of the month, but I digress).

    In the case of what we’re talking about humor can be a valuable learning tool.  Since it’s human error that we’re trying to avoid, and human error can be incredibly funny if presented in the right light. It’s a delicate balance to maintain but it’s worth a try.

  4. Recognize excellence without chastising failure. If you’re doing what we mentioned above it might behove you to recognize the employees who show progress or high aptitude in regards to the subject matter. All the while make sure not to chastise those who don’t.

    It’s human nature to want praise or to be reocognized for an accomplishment, and typically, with little to no prompting, someone who’s been lagging behind will often rise to the occasion in order to receive some themselves.

  5. Repetition leads to retention. They say doing the same thing over and over gain in hope of a different outcome is the definition of insanity, and if we’re being honest, that’s probably true. But in the case of cybersecurity, can you afford not to be crazy?

    It’s constant work to keep your place of business safe. It can be tedious, and repetitive but ultimately worthwhile. Educating your employees can be tedious and repetitive too but ultimately, the end will justify the mean.

    Just make sure to keep the flow of communication consistent and try not to bottle it all up. It’s much easier to drink from a water fountain than it is a fire hose, if you catch my drift.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Don’t forget to follow us on LinkedIn and Twitter

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...