October is National Cybersecurity Awareness Month (NCSAM) and it’s the perfect time to implement a new educational training series for your employees. Continuous education programs can help safeguard your employees’ confidential information and protect against cyberattacks and data breaches that can lead to crippling financial damage, fraud, and identity theft.

Now in its 17th year, NCSAM focuses on internet security as a shared responsibility for all — something that Sontiq emphasizes to all the organizations and partners we work alongside. Embedding helpful reminders and security best practices throughout your employee and customer communications is an ongoing process.

Unfortunately, internal errors are still a leading cause of data breaches for companies of all sizes and in all industries. Additionally, as we’ve seen the consumerization of IT grow exponentially, Bring Your Own Device (BYOD) policies and apps that aren’t “company approved” continue to serve as a gateway for breaches. In fact, 74% of IT leaders from global enterprises report that their organizations have experienced a data breach as a result of a mobile security issue.

Let’s examine why, and then review some of the training programs you can put in place to keep all your key constituents vigilant.

Employee Negligence & Security Breaches

It happens every day. An employee clicks on a phishing email, accidentally uploads confidential data to a public-facing website, or loses a company-issued device. Before you know it, hackers are holding your company hostage with ransomware or stealing the Personally Identifiable Information (PII) of your employees and customers.

According to Shred-it’s 2019 State of the Industry Report, corporate executives admit employee negligence has led to 52% of security breaches. For most of your employees this is just a matter of awareness, vigilance, and being taught what to do (and what not to do) in certain situations.

Today’s Digital & Remote Employee

An “always-on” workforce means that no matter where employees go, they are connected — and their devices can send and receive corporate, and perhaps highly sensitive, data. This has never been more accurate than in 2020, with the global COVID pandemic driving massive online traffic for working, learning, and playing — and introducing greater organizational risks through employees’ home network threats.

Cybercriminals have a series of new attack surfaces they can use to gain entry to company networks, email accounts, and unsecured devices. And, with the influx of COVID-19 scams, including those targeting the remote workforce, your employees are now increasingly exposed to criminals stealing their personal information.

If you now have a large contingent of remote workers, be sure that they receive the same thoroughness of security training as your on-site employees.

5 Keys to Protect Against Cyberattacks

Whether your in-house IT or Information Security teams deliver the training, or you outsource it to a third party, properly educating your employees is essential to guide appropriate online (and offline) behavior and reduce your risks of a data breach. Be sure to include these five topics:

Password Security

Passwords hold the key to unlock the company data fortress. Help your employees understand the importance of safeguarding passwords, keeping them lengthy, random in nature, and updated regularly. No one should ever write down their passwords or reuse passwords across different websites. Instead, instruct them to utilize a password manager. You can even have them take a password strength test.

Suspicious Email Detection

CEO fraud and phishing scams, often known as Business Email Compromise (BEC), can be easily spotted if you know what to look for. Train your employees on how to identify a suspicious email and not to click on any of the links.

Appropriate Web Usage

If you leave the entire Web open to employees, be sure to train them to visit only secure (HTTPS) websites that are work appropriate. Visiting untrustworthy sites can expose company assets to malware.

Portable Storage Devices’ Best Practices

If your employees use USB drives or external hard drives to store or transport files, training them on how to secure their data is another important step. Portable storage devices can be easily lost, stolen, or misplaced.

Vigilance = Protection

When an employee is the source of a security breach, they can negatively impact thousands of lives. Not to mention, their company could face millions of dollars in fines and fees as a result. Let them know these consequences, and that termination is often the outcome for employees whose actions lead to a data breach. Organizational security is everyone’s business.

Our company’s recent webinar, Going the Distance: Tips for Protecting You & Your Family Against Heightened Fraud, is an insightful and complimentary resource. Share it with your employees, customers, partners — essentially anyone you think would benefit from learning more about protecting business and personal information in a digital environment.

This article originally appeared on Fighting Identity Crimes and has been republished with permission.

Author: Eugene Bekker

Eugene Bekker is the Chief Security Officer at EZShield. He originally joined EZShield in 2008 as a consultant and today he oversees the architecture of the core technology platform, as well as manages EZShield’s security and compliance program. Prior to EZShield, Eugene was the Chief Architect at PowerVision Corporation, an Information Technology and …