Week 2 Theme: Cyber Security in the Workplace is Everyone’s Business
For every employee, ensuring the cyber safety of their company network and data should be a daily to-do. A high percentage of hacks result from employees – phishing attacks, documents containing malware, poor passwords, public wifi, etc… Where to start you ask? Make sure your employees know their role in protecting the company network and data. Educate them on the risks and how to stay safe online. Make sure they know what to do when they suspect a problem. And make sure they understand the importance of protecting the intellectual property of the company and the “crown jewels” of your digital assets.
Keep in mind that your HR data is just as important as your financial and trade data. In additional to having a responsibility to protect your digital assets that relate to your products and services, you must also protect your employee data. Every business has Personally Identifiable Information (PII) on every person it employs.
Securing your company’s network perimeter is critical, but having a layered security approach with detection and mitigation measures in place is just as important. If a hacker breached your network, would you know they are there? What would you do if you find them? As you identify and categorize cybersecurity risks, do you remediate them or just note their existence? Consider the recent Equifax breach. It was just disclosed that Equifax knew of the breach for at least two months, increasing the potential that heavy penalties will be imposed for such cases.