What your employees need to know about cybersecurity

08 February 2019 | Columns

Bryce Austin



If you are not educating your employees on cybersecurity best practices, you are missing the biggest opportunity for the improvement of your cybersecurity profile.

Employees need access to a lot of important data, and their ability to protect that data - or to inadvertently let it walk out the door of your organisation - is vital.

A lack of education is at the heart of a number of incidents of a major security breaches. You probably heard about the new human resources employee who got an email from the president of the organisation asking for tax information on every employee, so that person sent it exactly as instructed.

The employee did not recognise the email came from a hacker impersonating the CEO, and there was a major security breach.

Entire business models are based on this kind of fraud. Let's pretend I am going to build a site with the world's best collection of cute pet pictures. I'll give you the first 10 for free (and those 10 are the most adorable pictures you have ever seen), but to see more, you need to set up a user name and password. The access is still free, though.

No big deal, right? Wrong. In this scenario, I own this website and I am a criminal, and my business model is to try to use the username and password you just entered at every major banking website, on all major email providers, on your ­company's VPN portal, and anywhere else that I think you might have used the same username and password.

I will then extract any valuable information I can from those sites, sell the information for a profit, possibly ransom your own data to you to make even more money, and then move on to the next victim.

Need some numbers to illustrate why educating your employees about cybersecurity practices is important?

• Per IDG's 2016 Global State of Information Survey, 48% of data security breaches are caused by acts of malicious intent. Human error or system failure account for the rest; and

• According to the Ponemon Institute, 60% of employees use the same password for everything they access. Meanwhile, 63% of confirmed data breaches leverage a weak, default or stolen password.

So where should your company start? Begin with a training programme. Employees need to be educated on cybersecurity best practices. One of the issues any cybersecurity awareness training programme should address is the implementation of real password policies.

There's no easy way to say this, so I'm just going to say it: Passwords stink. They are no fun to create, no fun to remember and no fun to type in. That being said, passwords are still the most common authentication method today.

It is imperative to implement a password policy requiring complex passwords that can't easily be guessed, and end-user training to go along with it.

Many people use the same passwords for every online system for which they need one. This is a problem. If one site gets hacked, cybercriminals will try your credentials at all common websites, and possibly at your business's VPN.

It is imperative your cybersecurity awareness training programme encourages team members to use different passwords for different sites, and especially for any system your company uses.

Most companies have some sort of safety guidelines employees must follow or be aware of and cybersecurity should be no different. There are a number of companies that specialise in this type of training.

Picking the right type of training is critical; having a good cultural fit is more important than the actual content. Be sure to do proper due diligence when making this selection.

The important message is you already know you must train employees on certain things in order to have them perform their job functions. Cybersecurity is one of those things. If you are uncertain as to how to structure a cybersecurity training programme, find an adviser that can help you.

*Bryce Austin is the CEO of TCE Strategy and a speaker on emerging technology and cybersecurity issues. He is author of 'Secure Enough? 20 Questions on Cybersecurity for Business Owners and Executives'.

Similar News

 

No limits for Doeseb

2 days ago - 19 February 2019 | People

Michelline Nawatises Axali Doeseb has been playing ice hockey since 2003.Every day after school he would jump the Tagesheim aftercare centre’s fence to watch...

Truekrav hosts GBV talk

2 days ago - 19 February 2019 | Education

Truekrav Namibia, in cooperation with the Namibian Women’s Society and Kosmos, hosted a gender-based violence (GBV) talk on Thursday at the NG Church in Pioneers...

Radio: The theatre of the mind

2 days ago - 19 February 2019 | Education

Elizabeth JosephOn 13 February UNESCO celebrated the eight edition of World Radio Day under the theme ‘Dialogue, Tolerance and Peace’.On this day people around the...

It’s not over yet!

2 days ago - 19 February 2019 | Education

offers a variety of different classes targeted at both beginners and qualified nail technicians. For beginners, classes are taught in alignment with the modules of...

Empowering young girls

2 days ago - 19 February 2019 | Education

Michelline NawatisesThe ‘Empowering Young Girls into Responsible Young Ladies’ programme is run solely by young mentors who set up the events and conduct them. It...

NBL gives a helping hand

2 days ago - 19 February 2019 | Education

For almost two decades NBL has supported the three schools with the provision of soft drinks for sale as part of the NISE schools’ fundraising...

Ambassadors of Pupkewitz Motors

5 days ago - 16 February 2019 | Education

Octavia Tsibes Pupkewitz motors recently held their fifth round of trainee induction in Windhoek. Eight trainees of which majority were women, completed their training and...

A champion of clear sight

6 days ago - 15 February 2019 | People

iagnose, treat, and manage disorders of the visual system, eye diseases and injuries. Optometrists perform vision tests and analyse results, diagnose sight problems, such as...

Mutorwa’s journey with science

6 days ago - 15 February 2019 | People

Justicia Shipena Marius Mutorwa is a lecturer at the Namibia University of Science and Technology (Nust) in the department of health...

Latest News

The lack of sexual ideology...

2 days ago - 19 February 2019 | Columns

Justicia Shipena Not only does thinking about sex matter, it matters more to humanity than sex in itself. There are many instances of the...

by ELIZABETH JOSEPH

CANA Zone IV champs kick...

2 days ago - 19 February 2019 | Sports

Justicia Shipena Speaking at the opening ceremony, CANA Zone IV secretary-general and treasurer Shaun Adriaanse said zonal swimming events are crucial and essential for the...

by ELIZABETH JOSEPH

Truekrav hosts GBV talk

2 days ago - 19 February 2019 | Education

Truekrav Namibia, in cooperation with the Namibian Women’s Society and Kosmos, hosted a gender-based violence (GBV) talk on Thursday at the NG Church in Pioneers...

by Octavia Tsibes

Radio: The theatre of the...

2 days ago - 19 February 2019 | Education

Elizabeth JosephOn 13 February UNESCO celebrated the eight edition of World Radio Day under the theme ‘Dialogue, Tolerance and Peace’.On this day people around the...

by Octavia Tsibes

It’s not over yet!

2 days ago - 19 February 2019 | Education

offers a variety of different classes targeted at both beginners and qualified nail technicians. For beginners, classes are taught in alignment with the modules of...

by Octavia Tsibes

Empowering young girls

2 days ago - 19 February 2019 | Education

Michelline NawatisesThe ‘Empowering Young Girls into Responsible Young Ladies’ programme is run solely by young mentors who set up the events and conduct them. It...

by ELIZABETH JOSEPH

NBL gives a helping hand

2 days ago - 19 February 2019 | Education

For almost two decades NBL has supported the three schools with the provision of soft drinks for sale as part of the NISE schools’ fundraising...

by ELIZABETH JOSEPH

Ambassadors of Pupkewitz Motors

5 days ago - 16 February 2019 | Education

Octavia Tsibes Pupkewitz motors recently held their fifth round of trainee induction in Windhoek. Eight trainees of which majority were women, completed their training and...

by Octavia Tsibes

A champion of clear sight

6 days ago - 15 February 2019 | People

iagnose, treat, and manage disorders of the visual system, eye diseases and injuries. Optometrists perform vision tests and analyse results, diagnose sight problems, such as...

by Octavia Tsibes

Load More