advertisement
Home
News
Sports
Suburban Business
Entertainment
Lifestyle
Opinion
Classifieds
Obituaries
Shopping
Newspaper Services
Business

Cyber training for employees: Reducing the likelihood of human error

Posted August 04, 2024 5:25 am
By Chip Miceli

Cybercrimes are no laughing matter. We have all heard stories of the damaging effects of cyberattacks on a business.

Estimates are that a data breach can cost a small business anywhere from $120,000 to $1.24 million. A Verizon report says 60% of small businesses that experience a cyberattack go out of business within six months.

Small business owners may feel they are not as valuable a target as a larger business. However, statistics show that more than 45% of cyberattacks are on small businesses.

Don’t be one of them. Your company can reduce its chances of being breached with a strong employee training program and proper protocols.

A Stanford University study claimed 88% of data breach incidents are caused by employee mistakes, and other studies show the number even higher.

That’s a daunting statistic, and it reinforces the importance for comprehensive employee training. Your employees, properly trained, can serve as a strong line of defense against unwanted intrusions.

Here are some of the key points a training program should include.

Email awareness: Phishing attacks are a common way in for hackers looking to breach an organization’s network. “Lack of awareness” and “human nature” are a hacker’s best accomplices. A cleverly worded email offers an incentive if the recipient will click on a link — and that is where the problem starts. A training program should teach employees how to recognize these bogus emails, and not to trust unsolicited emails. In addition to training employees, the company must be certain that all anti-virus and firewall programs are up-to-date. In particular, make your employees aware of the dangers of opening attachments.

Passwords: Employees must be trained on the importance of creating strong passwords that are difficult to “crack” and changing them frequently. There are strategies you can employ to train your employees, including providing a unique password for each online account, tips for how to create strong passwords (using a combination of symbols, numbers and letters), and to use multifactor authentication (MFA) to provide additional security. This training component could be accompanied by bringing in an expert to attempt to hack into employees’ emails to test the system’s vulnerability.

Employees using personal devices: One vulnerability for a company’s infrastructure is the improper use of personal devices on the network. Training employees on the proper protocols for personal devices in the workplace is critical. Employees should be trained to follow these practices:

1. Strong passwords on each device;

2. Encryption for all devices. Use a Virtual Private Network (VPN) on all devices if in areas with unknown wi-fi services (i.e., public places like coffee shops and malls);

3. Every personal device should run company-approved antivirus.

Safe use of the internet: With the workforce being a combination of in-house and virtual, it is especially critical to train employees to follow the strictest of internet safety rules. In training employees, teach them the importance of recognizing domains that are suspect — with misspellings that look almost like “the real thing.” Training should emphasize the importance of verification of everything before opening it. This is especially true of anything with links, downloads or files with unusual suffix endings.

Don’t overlook the obvious: When implementing training protocols for employees, don’t overlook the importance of security both in the office and in the home office. Sensitive data should be stored under lock and key. This includes paper products, as well as portable and removable devices. Employees should be trained in practices of locking away documents with sensitive information, and also in the practices of shredding no longer needed paper documents.

Whether you perform employee training in-house, or bring in an outside cybersecurity partner to conduct the training, it’s important that the training be through, consistent, and ongoing. The best anti-virus protection and firewalls can get you partway toward a safe environment. Having well-educated and trained employees who can recognize cyber threats can make all the difference.

• Chip Miceli is CEO of Pulse Technology, www.pulsetechnology.com, a Schaumburg company specializing in IT and other technological solutions.

0 Article Comments
Article Categories
Business Communities Information Technology Schaumburg Small Business Technology
Article Comments
Guidelines: Keep it civil and on topic; no profanity, vulgarity, slurs or personal attacks. People who harass others or joke about tragedies will be blocked. If a comment violates these standards or our terms of service, click the "flag" link in the lower-right corner of the comment box. To find our more, read our FAQ.
Back To Top
About Us
Staff
Quick Links
Advertising
Services
Copyright © 2024 Paddock Publications, Inc., P.O. Box 280, Arlington Heights, IL 60006
Paddock Publications, Inc. is an Employee-Owned Company