How to Build a Cyber Security Culture at Your Firm

Implementing a working culture of cyber security is difficult. Compliance is complex and rolling out a complete system and nailing out all the details is an extensive effort. Meanwhile, your firm and its employees must collaborate and share information at maximum efficiency. It’s apparent that you need a simple intuitive system that can be rolled out easily and seamlessly. Without it, establishing a firm-wide system of cyber security becomes a long-term goal that requires weeks, if not months, of planning.

As a result, some businesses, particularly small businesses, de-prioritize the implementation of a security system altogether. Although on the surface it does not seem like an issue, the consequences of not offering proper protection over your firm and your clients’ data expose you to cyber threats that have a make-or-break effect on your company.

Last week, the Huffington Post shared a list of 6 tips on how to build a cyber-security culture at work. This list includes many helpful facts and tips to benefit and improve the security and workflow of every business.

Among them are some very eye-opening facts:

  • Almost half of all cyber security attacks target small businesses with less than 250 employees. (Symantec Report)
  • 60 percent of small businesses cannot sustain their businesses beyond six months after a cyber-attack. (NCSA)
  • Target’s massive breach in 2013, which affected the personal information of 60 million and the credit card details of 42 million customers, reached $2.5 billion in estimated total losses after four years. (Rippleshot)
  • Data breaches are mostly the result of employee error or an inside job

It’s unsettling that these cyber attacks can easily be prevented through these simple organizational practices:

Embracing organizational security top down

Being active with implementing and stressing the importance of security policies – starting with executives and managers, people within the company with the most influence.

Establishing cyber security policies, standards, and procedures

Set performance metrics, standards, and goals. Measure progress and track the effectiveness of your policies against cyber threats frequently. Make sure your guidelines are clear and consistently followed throughout the firm.

Creating ongoing security awareness programs that are fun and engaging

As our COO, Tony Abou-Assaleh, would always say, “a secure system that no one uses isn’t securing anything.” Make security easy, fun, and attractive. Include incentives for employees to participate!

Focusing on security basics

The most simple tricks in the book: are strong and complex passwords, regularly updated patch programs, and enabling a two-factor authentication security system for all employees.

Viewing security as an enabler

Allow your employees to ask for clarification and further training, and learn from mistakes rather than be reprimanded.

Assisting telecommuting employees to work safely

Provide employees with an open and trusting line of communication with security staff and management to minimize taking shortcuts with customer data or work files. Use a virtual private network, such as the TitanFile app. A remote workforce requires additional steps to reduce the potential for a cyber attack and data loss.

Stay safe and be protected from external cyber threats this May!