John Teehan

Summary

Employees are crucial in enhancing cybersecurity for businesses through proper training and best practices.

Abstract

The article emphasizes the importance of employees in cybersecurity, as nearly half of all businesses face cyber threats yearly. It outlines strategies such as strong password creation, two-step authentication, and regular password changes to protect against unauthorized access. The article also stresses the need for safe computing practices, including recognizing phishing attempts and avoiding suspicious links and attachments. Staying informed about the latest cyber threats and maintaining updated systems and software are also highlighted as critical measures. Finally, the article underscores the necessity of having a response plan in case of a cyberattack, making employees the first line of defense in safeguarding business networks.

Opinions

  • Employees can significantly contribute to a company's cybersecurity by adopting best password practices and safe computing habits.
  • Regularly updating passwords and using two-step authentication are simple yet effective security measures.
  • Staying informed about current cyber threats is essential for employees to protect business data.
  • Employees should be trained to recognize and respond to phishing attempts to prevent malware installation and data breaches.
  • Keeping systems and software up-to-date is crucial for patching security vulnerabilities.
  • Having a clear plan for employees to follow in the event of a cyberattack can minimize damage and restore operations quickly.
  • The article suggests that while external cybersecurity measures are important, employee awareness and training are the most valuable assets in cybersecurity defense.

How Employees Can Be Your Greatest Cybersecurity Asset

A little training can go a long way

Nearly half of all businesses have experienced or are going to experience a cyber threat this year, and that number is growing. Every year we read about more cyberattacks and serious data breaches affecting entities of all sizes, from local government offices and small-to-medium-sized businesses to sprawling behemoths such as Facebook.

Keeping ahead of the threat seems like a full-time task, which can be incredibly daunting.

The good news is that among your greatest assets in cybersecurity are your own employees. It’s up to you to take advantage of that in order to keep your business or organization running smoothly and with little downtime or fear of compromised systems.

Best password practices

Make sure your employees know how to apply best password practices. This can cover several strategies such as:

  • Strong password creation
  • Two-step authentication
  • Regular changing of passwords
  • Protecting passwords

The above points are simple. Cybersecurity experts recommend that a strong password include a mix of numbers and upper and lowercase letters. Special characters could be an option as well. Passwords should not be easily guessed dates such as birthdays or anniversaries, nor should they be any word one could find in a dictionary (English or otherwise).

Changing a password regularly can keep a possibly compromised password from being exploited by outside hackers or former employees who are careless with their login information or have malicious intent. Passwords should never be shared and writing them down — even in a “safe space” — should be discouraged.

Two-step authentication goes a long way in preventing unauthorized access to business networks or employee e-mails. Many applications offer two-step authentication options that require an additional step in the login process such as answering a security question or entering an authentication code sent via SMS.

Practice safe computing

Solid passwords are all well and good but offer little security if your employees are careless in their e-mail and internet use. Fortunately, educating employees on safe computing is pretty straightforward.

Make sure that employees know how to recognize suspicious e-mails, attachments, and links. Nearly half of all cyberattacks businesses experience come in the form of phishing attacks, in which an e-mail pretends to represent a trusted entity and attempts to convince the recipient to download an attachment or click on a link. In most cases, this leads to malware getting installed on the computer or mobile device, which could then spread to the network.

Malware could expose your systems to further infiltration, install routines that copy keystrokes and capture sensitive business data, or even overload your servers to the point of inoperability.

While no method can be considered 100% foolproof, employees can help protect your networks by following these simple tips:

  • Never share login or password information via e-mail or text message
  • Hover the mouse over a link without clicking to see where that link actually leads. It might not be where they think
  • Never download an attachment without being absolutely certain it is from a trusted source
  • Update spam filters
  • Update virus and malware detection software on a regular basis
  • When in doubt, just don’t. Most well-known entities such as banks, corporations, or governmental websites can be accessed through their websites without having to go through an e-mailed link

Follow the latest cyber threat news

There is no shortage of news coverage — both from conventional news sources and industry sources — regarding data breaches, malware warnings, and ever-evolving phishing scams. Employees can protect themselves and your business by staying abreast of the latest news regarding potential threats.

Some news services offer keyword alert services so employees don’t need to start their day scanning the news for the latest cyber threats. Important information can be automatically e-mailed to them when new information appears.

Stay on top of latest system and software updates

System and software developers are constantly working to improve security. It’s in their best interests to maintain your faith in their product and to show that they take your security as seriously as you do. With that in mind, they often send out updates for either your system software or for specific applications that may have security holes that need to be closed.

These apply to both desktop workstations and mobile devices alike. Staying current on updates means your systems are protected before trouble can occur.

Knowing what to do should a cyberattack occur

Finally, should the worst happen and business data is compromised, networks infiltrated, or malware installed… do your employees know what to do? Making sure your employees know how to respond to a successful cyberattack means you can reduce downtime and threats to sensitive data.

While it’s not necessarily expected that every employee is a cybersecurity expert, they should at least know how to contact one — either in-house or remote — in order to get on top of the problem quickly, remove malicious software, and safely restore data.

Employees are your most valuable line of defense

There is a lot to be said for employing managed service providers, consultants, and cybersecurity experts, as well as employing the very latest in network security devices and software. Your first line of defense, however, is going to be your staff.

Train them up. Get them informed. Show them how to stay informed. All of these will lead to a more robust wall of security around your networks so you can focus on allowing your business to flourish.
