Posts

Your employees are your first line of defense when it comes to protecting your business from cyberthreats. Human error is one of the single biggest culprits behind cyber-attacks. It comes down to someone falling for a phishing scam, clicking an unknown link or downloading a file without realizing that it’s malicious.

Because your team is so critical to protecting your business from cyberthreats, it’s just as critical to keep your team informed and on top of today’s dangers. One way to do that is to weave cyber security into your existing company culture.

How Do You Do That?

For many employees, cyber security is rarely an engaging topic. In truth, it can be dry at times, especially for people outside of the cyber security industry, but it can boil down to presentation. That isn’t to say you need to make cyber security “fun,” but make it interesting or engaging. It should be accessible and a normal part of the workday.

Bring It Home For Your Team. One of the reasons why people are often disconnected from topics related to cyber security is simply because they don’t have firsthand experience with it. This is also one reason why many small businesses don’t invest in cyber security in the first place – it hasn’t happened to them, so they don’t think it will. Following that logic, why invest in it at all?

The thing is that it will eventually happen. It’s never a question of if, but when. Cyberthreats are more common than ever. Of course, this also means it’s easier to find examples you can share with your team. Many major companies have been attacked. Millions of people have had their personal data stolen. Look for examples that employees can relate to, names they are familiar with, and discuss the damage that’s been done.

If possible, bring in personal examples. Maybe you or someone you know has been the victim of a cyber-attack, such as ransomware or a data breach. The closer you can bring it home to your employees, the more they can relate, which means they’re listening.

Collaborate With Your Employees. Ask what your team needs from you in terms of cyber security. Maybe they have zero knowledge about data security and they could benefit from training. Or maybe they need access to better tools and resources. Make it a regular conversation with employees and respond to their concerns.

Part of that can include transparency with employees. If Julie in accounting received a phishing e-mail, talk about it. Bring it up in the next weekly huddle or all-company meeting. Talk about what was in the e-mail and point out its identifying features. Do this every time phishing e-mails reach your employees.

Or, maybe Jared received a mysterious e-mail and made the mistake of clicking the link within that e-mail. Talk about that with everyone, as well. It’s not about calling out Jared. It’s about having a conversation and not placing blame. The focus should be on educating and filling in the gaps. Keep the conversation going and make it a normal part of your company’s routine. The more you talk about it and the more open you are, the more it becomes a part of the company culture.

Keep Things Positive. Coming from that last point, you want employees to feel safe in bringing their concerns to their supervisors or managers. While there are many cyberthreats that can do serious damage to your business (and this should be stressed to employees), you want to create an environment where employees are willing to ask for help and are encouraged to learn more about these issues.

Basically, employees should know they won’t get into trouble if something happens. Now, if an employee is blatantly not following your company’s IT rules, that’s a different matter. But for the day-to-day activities, creating a positive, educational, collaborative environment is the best way to make cyber security a normal part of your company culture.

Plus, taking this approach builds trust, and when you and your team have that trust, it becomes easier to tackle issues of data and network security – and to have necessary conversations.

Need help creating a cyber security company culture that’s positive? Don’t hesitate to reach out to your managed services provider or IT partner! They can help you lay the foundation for educating your team and ensure that everyone is on the same page when it comes to today’s constant cyberthreats.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

cyber security

And What You Need To Do NOW To Protect Yourself

Everybody gets hacked, but not everything makes the evening news. We hear about big companies like Target, Home Depot, Capital One, and Facebook getting hacked. What we rarely hear about are the little guys – the small businesses that make up 99.7% of employers in the United States, according to the Small Business Administration. It’s these guys who are the biggest targets of cybercriminals.

Basically, if you run a business, that business is a potential target. It doesn’t matter what industry you’re in, what you sell or how popular you are. Cybercriminals go after everybody. In 2018, a cyber security survey by the Ponemon Institute found that 67% of small and midsize businesses in the US and UK were hit by a cyber-attack.

For the cybercriminal, casting a wide net makes the most sense because it gets results. It puts them in a position where they are able to extort money, steal sensitive information and ultimately profit off of destroying the property, prosperity and reputation of others.

Why do cybercriminals love to target small businesses? There are a handful of reasons why small businesses make sense to attack.

  1. Small Businesses are the most vulnerable. Business owners, entrepreneurs and executives aren’t always up-to-date on network security, current cyberthreats or best practices in IT. They have a business to run and that’s usually where their focus is. Unfortunately, that means cyber security can take a back seat to other things, like marketing or customer support. This also means they might not be investing in good network security or any IT security at all. It’s just not top-of-mind or they may feel that because it’s never happened to them, it never will (which is a dangerous way of thinking).
  2. Small Businesses don’t take IT security seriously. Coming off that last point, it’s true that many businesses don’t properly secure their network because they feel that they aren’t vulnerable. They have the mindset of “It hasn’t happened to me, so it won’t.” Along those same lines, they might not even take password security seriously. According to research conducted by Trace Security, upward of 80% of ALL breaches come down to one vulnerability: weak passwords! Even in 2020, people are still using passwords like “12345” and “password” to protect sensitive data, such as banking information and customer records. Secure passwords that are changed regularly can protect your business!
  3. Small Businesses don’t have the resources they need. Generally speaking, medium to large companies have more resources to put into IT security. While this isn’t always true (even big companies skimp on cyber security, as the headlines remind us), hackers spend less time focused on big targets because they assume it will take more of their own resources (time and effort) to get what they want (money and sensitive data). Many small businesses lack the resources like capital and personnel to put toward IT security, so hackers are more confident in attacking these businesses.

Just because you haven’t had any major problems for years – or at all – is a bad excuse for not maintaining your computer systems. Threats are growing in number by the day. While many small businesses might think, “I don’t have the time or resources for good security,” that’s not true! You don’t need to hire IT staff to take care of your security needs. You don’t need to spend an arm and a leg securing your network. IT security has come a LONG way in just the last five years alone. You can now rely on an IT security firm, like GCInfotech, to handle all the heavy lifting. They can monitor your network 24/7. They can provide you with IT support 24/7.

That’s the great thing about technology today – while many hackers are doing everything they can to use technology against us, you can use it against them too. Work with a dedicated and experienced IT security firm. Tell them your business’s network security needs and they’ll go to work fighting the good fight against the bad guys.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE