October is National Cyber Security Awareness Month – Are Your Employees Well-Trained?
October is recognized as National Cyber Security Awareness Month, and as if to prove its importance, IT Business Edge reported there were three big data breaches announced right at the start of the month.
That in and of itself may be enough of an incentive to not only recognize NCSAM, but also to get your employees involved as well.
Businesses Putting the Emphasis on Cyber Security During October
IT Business went on to highlight three companies that are taking cyber security and potential threats seriously. These business include:
Zuora: This billing platform is used by subscription services including Netflix, is making cyber security of rise to the level of utmost importance in nearly every facet of their business. In honor of NCSAM, Zuora announced it launched an employee-centric awareness campaign and also developed a Security Awareness channel included within the employee chatting tool. The channel lets employees directly communicate with security team members to have questions and concerns responded to in real time.
CDK Global: This technology solutions company works primarily with vehicle dealers, and they’ve long been involved in the fight for improved cyber security. The company announced a launch this year of the SecurityFirst campaign, which puts the spotlight on not only business-based cyber security but also issues related to personal cyber security. As part of this, CDK unveiled a free and in-depth training program focused on security and awareness for auto dealers. The training program includes brief videos totaling 8-10 minutes, which cover topics such as how to identify malware.
The company’s social media accounts are also being used throughout the month of October to post tips and information about cyber security.
Baylor University: This Texas-based university has a branded security awareness program that they run throughout the year, but particularly highlight in October. It’s called the BearAware Program, which includes updates, training sessions and more fun additions, such as giveaways. When they hold training sessions and speaking events, they work to ensure they’re as personally relevant and applicable to participants as possible.
The U.S. Department of Homeland Security’s Tips for Small Businesses
The U.S. Department of Homeland Security is advocating for tighter cybersecurity across the country, including for small businesses.
By visiting their website, you can discover toolkits designed just for small businesses.
DHS says the following about cyber security for small business:
Small businesses may not consider themselves targets for cyber attacks due to their small size or the perception that they don’t have anything worth stealing. However, small businesses have valuable information cyber criminals seek, such as employee and customer records, bank account information and access to the business’s finances, and access to larger networks. In some ways, small businesses are at a higher risk of cyber attacks than larger businesses because they often have fewer resources dedicated to cybersecurity.
Involving Employees
Before delving directly into how to train employees and create e-Learning focused on cyber security, it’s advantageous first to look at how you can involve employees in the process and experience in a general way.
A few simple tips include:
- Follow the example of the businesses listed above and get employees involved by creating a comprehensive awareness program that approaches the subject from multiple different angles, including through e-Learning and training, social media and special events, such as expert speakers.
- While it can be interesting to highlight cybersecurity during October, it shouldn’t be exclusively something your employees think about during this month. Instead, make it part of your year-round, everyday corporate culture.
- Don’t just instruct employees on how to recognize cyber security, but also on what actions they should take when they believe they’ve detected a threat.
e-Learning for Cyber Security
Once you’ve gotten your employees involved in the overall idea of how important it is to combat cyber security, it’s smart to train them using e-Learning.
- Don’t just train lower ranking employees—in reality top executives and managers can be a greater risk of experiencing an IT or cybersecurity threat and it can be more detrimental because of the amount and sensitivity of information they have access to. It’s also important to deliver e-Learning training to your IT professionals because these are the people that tend to have the most power over the network.
- To make this type of training more relevant, ensure you’re updating your e-Learning modules regularly and source news stories and current events to include that will not only lead to more engaging training but will also show how important these topics are.
- Integrate cybersecurity training with social media training. We’ve talked in the past about the importance of social media training, and this is also where many cyber threats originate, so bring these two training topics together within your e-Learning.
- Use your learning management system to encourage collaboration and real-time discussions on the themes. You’ll likely find that topics surrounding cyber security are ever-evolving, which is why it can be useful to follow the example of the companies listed above and provide a way for employees to ask questions and voice concerns in an internal and real-time way.
- As we mentioned previously, it’s important not just to focus your e-Learning training on how to recognize attacks or why they’re bad, but also to provide actionable steps employees can and should take in the event of a threat. It’s best to be proactively prepared for such an incident to avoid a major meltdown or even a scandal that can occur as a result of a cyber attack.
- Along with e-Learning training, it’s also beneficial to put in place a plan of overall action your company will take in the event of cyber attack, as well as a course of internal employee communication that will occur.
- Since cyber security training can feel incredibly boring, much like other types of compliance training, use this as an opportunity to include features such as videos, scenarios, and even gamification within your e-Learning.
Do you train your employees on cyber security? If you do, have you seen results thanks to training?
Don’t Miss These Essential Tools