There’s a great article by Forbes Technology Council on 10 tactics to help teach cyber security best practices to your whole team. It uses quotes from leaders in the industry to illustrate each tactic, and is really spot on, so we’ve summarised it here for you:
- Sameer Shelke says cyber security in today’s world is best executed in-house so that every function, role and team member is responsible for protecting the business. Tactic = explain why secure data benefits your business.
- Sultan Meghji uses metaphors and analogies to explain why cyber security is relevant to the team, for example: in manufacturing, the team is the assembly line, in healthcare it’s the immune system. Tactic = use analogies that your team can relate to.
- Jacek Materna notes that cyber security training is most effective when its tailored to a particular type of job because developers learn differently to marketers, and sales different to support. Once you’ve shown people how cyber security will enable their particular jobs, they’ll engage. Tactic = tailor your training by department.
- Stephanie Roberts sends out a monthly newsletter to her team, with real examples showing positive moves made in cyber security each month. It helps to keep a team focused and aware. Tactic = give attention to progress.
- Chalmers Brown says there’s way more value in teaching how to detect suspicious activity than teaching the technical aspects of cyber security. Tactic = emphasise basic aspects.
- Arnie Gordon finds it useful to use uniform processes for all aspects of business, ie internal communication on one platform, client communication on another, and billing limited to a single process so that unfamiliar messages stand out. Tactic = use consistent processes.
- Chris Deramus’s advice is to convey to people why cyber security counts on a personal level, and that each person is as responsible for maintaining security as the next.
Tactic = explain the direct negative impact of poor security.
- Song Li encourages all employees to double-check a web URL before typing in sensitive info, and to double-check an email’s reply address before sending a mail. He calls it a sanity check. Tactic = encourage double-checking.
- Steve Pao reminds us there are business continuity services available these days that allow a business to simulate a hack, and test your systems and educate your employees.
Tactic = simulate a cyber attack.
- Abishek Surana Rajendra says arm everyone with the same tools, ie teach new employees the cyber security rules and constantly reinforce them so that everyone develops cyber common sense. Tactic = develop cyber common sense.
Here’s the original article from Forbes Technology Council.
IronTree has technical ideas on how to protect your business using dedicated services.