IdentityForce LogoIdentityForce Logo
Protect What Matters Most.
Set of keys representing cybersecurity
Posted on October 10, 2018 by in Business, Employee Benefits, ID Protection Tips & Awareness, Security Compliance

October is National Cybersecurity Awareness Month (NCSAM) and it’s the perfect time to implement a new educational training series for your employees. Continuous education programs can help safeguard your employees’ confidential information and protect against cyberattacks that can lead to crippling financial damage, fraud, and identity theft.

Now in its 15th year, NCSAM focuses on internet security as a shared responsibility for all – something that I emphasize to all the organizations and partners we work alongside. Embedding helpful reminders and security best practices throughout your employee and customer communications is on ongoing process.

Unfortunately, internal errors are still a leading cause of data breaches for companies of all sizes and in all industries. Additionally, as we’ve seen the consumerization of IT grow exponentially, Bring Your Own Devices (BYOD) and apps that aren’t “company approved” continue to serve as a gateway for breaches. In fact, 74% of IT leaders from global enterprises report that their organizations have experienced a data breach as a result of a mobile security issue. Let’s examine why, and then review some of the training programs you can put in place to keep all your key constituents vigilant.

Employee Negligence & Security Breaches

It happens every day. An employee clicks on a phishing email, accidentally uploads confidential data to a public-facing website, or loses a company-issued device. Before you know it, hackers are holding your company hostage with ransomware or stealing the Personally Identifiable Information (PII) of employees and customers.

According Shred-it’s 2018 State of the Industry Report, 84 percent of C-suites admit employee negligence is one of their biggest security risks. For most of your employees this is just a matter of awareness, vigilance, and being taught what to do (and what not to do) in certain situations.

Today’s Digital & Remote Employee

An “always on” workforce means that no matter where they go, they are connected – and their devices can send and receive corporate, and perhaps highly-sensitive data. While this has influenced the digital employee experience by raising expectations for productivity and efficiency, it has also given way to a new demand for flexible, remote work options.

This progress has been a positive for business operations and work-life balance. However, it has also created a series of new attack surfaces that cybercriminals can use to gain entry to company networks, email accounts, and unsecured devices.

So, even if you have a large contingent of remote workers, be sure that they receive the same thoroughness of security training as your on-site employees.

5 Keys to Protect Against Cyberattacks

Whether your in-house IT or Information Security teams deliver the training, or you outsource it to a third-party, properly educating your employees is essential to guide appropriate online (and offline) behavior and reduce your risks of a data breach. Here are 5 topics that I recommend covering:

  1. Password Security

Passwords hold the key to unlock the company data fortress. Help your employees understand the importance of keeping their passwords lengthy, random in nature, and updated regularly. No one should ever write down their passwords or reuse passwords across different websites. Instead, instruct them utilize a password manager. You can even have them take a password strength test.

  1. Suspicious Email Detection

CEO fraud and phishing scams can be easily spotted if you know what to look for. Train your employees on how to identify a suspicious email and not to click on any of the links.

  1. Appropriate Web Usage

If you leave the entire Web open to employees, be sure to train them on how to only visit secure (https) websites that are work appropriate. Visiting untrustworthy sites can expose company assets to malware.

  1. Portable Storage Devices’ Best Practices

If your employees use USB drives or external hard drives to store or transport files, training them on how to secure their data is another important step. Portable storage devices can be easily lost, stolen, or misplaced.

  1. Vigilance = Protection

When an employee is the source of a security breach, they can negatively impact thousands of lives. Not to mention, their company could face millions of dollars in fines and fees as a result. Let them know these consequences, and that termination is often the outcome for employees who cause data breaches.Identity Theft eBook

As a part of your training, the second edition of our eBook, Protecting What Matters Most: Insights, Trends, and Perspectives on Protecting Your Digital World, is an insightful and complimentary resource. I’d encourage you to share with your employees, customers, partners – essentially anyone you think would benefit from learning more about protecting business and personal information.

Implement a Final Layer of Defense

Even though U.S. cybersecurity spending is expected to reach $66 billion in 2018, and employee trainings certainly help, there is no silver bullet  to prevent cyberattacks. If you’re exposed, the damages extend beyond financial. One in three data breach victims later go onto experience identity theft. Those individuals include your employees and customers.

By rolling out the industry’s best identity theft protection as a non-taxable employee benefit, you’ll add a layer of defense that provides insurance against the fallout from a data breach.

Experience our suite of protection services for yourself with a Free Business Trial.

Identity Theft Protection Employee Benefit