Building a Culture of Cyber-Security at Work
With the number of internet users soaring, globally, the attack surface for cyber threats is massive. By 2022, that surface is to span nearly six billion people, as per a report from CSO Online. With more than half the world’s population accessing the internet in 2017, it isn’t a stretch to say that cyber-attacks may be a threat to nearly every human on Earth, in the years to come.
Small businesses are the target of almost half of all cyber-attacks, and as per the US National Cyber-Security Alliance, 60% of those businesses won’t make it past six months after such an attack. What’s scarier? Big businesses can amass big hits as well, with losses sometimes reaching billions of dollars. The access point? An unsuspecting associate.
This calls for action.
Fostering a culture of cyber-security at work is crucial to the safety of an organization and its associates. Consistent, safe behaviors, facilitated by a strong cyber-security awareness and training program prepare the organization for worst-case scenarios, saving everyone valuable time, energy, and money.
To build a strong and digitally secure organization, I’ve identified a few practices we can all follow to be safer at work:
- Keep your anti-virus up-to-date on all devices you conduct business on, even phones. They’re the latest target!
- Ensure that documents shared between you and anyone else is appropriately marked so that others can easily distinguish which documents are real and which could be potentially harmful. While sending documents back to the original sender, be sure to update the marker on the document to represent the latest version, for proper indexing and recognition.
- Always conduct financial transactions on a secure computer, using dual-factor authentication when possible. Avoid doing such work on open-source systems such as an Android phone.
- Be certain your online profiles, and Wi-Fi and IoT devices are secured with complex passwords. Update these passwords every few months to maintain security at high levels. No one wants a stranger seeing what you see through your own camera!
- Report any “phishy” activities! If you feel you’ve received a suspicious email, or worse, followed through on what was mentioned in said suspicious email, alert your IT team ASAP. The faster we recognize and counterattack a potential threat, the faster we ensure the security and success of our organization.
- Look out for each other. Being part of the same team and same organization means if you see someone else making a decision that may be unwise or harmful to the organization, consult that individual, or someone in the IT team, to ensure the safety and smooth running of the organization’s business.
The saying, “A team is no stronger than its weakest link” could not be truer here. You are the first line of defense against cyber threats. Taking the time to understand the significance of your information, and the possible threats to that information, is vital to ensure the safety of all your information assets. One small misstep can jeopardize everyone’s information. So, while an IT Security team works to ensure the organization, its associates, and its data are all safe on the back end (in addition to top-down practice implementation, training programs, etc.), make sure you do your part to truly be secure in the digital era.
The power to be safe is quite literally within your fingertips.
R K Nair
Sr. Director – Information Security