It’s been quite a year already. Global data breaches have already compromised 4.5 billion records in the first half of 2018, a 133% increase compared to the same time last year.
This disturbing trend is cause for concern not only for consumers but especially for your business and employees.
Online Safety at Work
As we are more than midway through the 15th annual National Cyber Security Awareness Month (NCSAM), it’s the perfect time to start thinking about good workplace best practices.
Your organization’s online safety and security are a responsibility everyone shares. The first thing to consider is how to prevent cybersecurity incidents, which means taking a closer look at your most valuable asset: your employees. Unfortunately, they’re your weakest link.
The Human Factor
According to Anthony Dagostino, head of Global Cyber Risk at Willis Towers Watson, approximately 60% of cybersecurity incidents at work are attributable to human error. This can be due to lack of continuous training, especially within a workplace culture where employees don’t regularly handle Personally Identifiable Information (PII) and therefore, don’t understand what they need to do to protect it.
One regular subject I hear during InfoSec security training is around spear phishing. This is the fraudulent practice of sending emails that appear to be from a known or trusted sender to coax targeted individuals into revealing confidential information. Employees will often click on links or attachments in these emails that ultimately download malware onto their computing devices.
Another common area where there can never be too much training: how sharing passwords can be extremely reckless. According to a report released by SailPoint, 65 percent of employees admitted to using the same password in multiple locations, and 32 percent shared passwords with co-workers. Poor password hygiene leaves entry points to your organization’s private data vulnerable to fraudsters.
To mitigate these common risk areas, it’s important to build a culture that advocates practicing good cyber security habits with regular training to explain why this is important to your organization.
Every time a company provides cybersecurity training, its risk of falling prey to a successful phishing attack decreases by 20 percent.
The following are quick fixes you can implement right away:
- Work with your IT, Security, and InfoSec teams to ensure corporate security software is current. It’s the best defense against viruses, malware, and other online threats
- Encourage your employees to enable Two-Factor Authentication to protect access to accounts
- Limit access to data or systems only to those who require it to perform their core duties
- Assert clear rules for what employees can install and keep on their work computers
- Tell your employees to never click on suspicious links in email, tweets, posts, online ads, or attachments – even if they know the source
- Encourage employees to say something if they notice anything strange on their computer
Protect Your Employees
Your culture of cybersecurity should extend beyond your overall business performance. Cyber threats impact your employees, too. In fact, three out of five people have been impacted by a data breach. One out of five is ultimately a victim of identity theft or fraud.
Identity crime is a business that isn’t slowing down. So, how can you protect the people who help grow your bottom line?
It’s also critical to not overlook the value of employee benefits. According to a recent study, 79 percent of employees would prefer new or additional benefits as opposed to a pay increase. The most in-demand, non-traditional voluntary benefit for the past couple of years is identity theft protection. According to research from Willis Towers Watson, 70 percent of employers are expected to offer identity protection services this year.
Real Support from Real People
Just like healthcare benefits and paid time off, identity protection services reduce stress and increase feelings of security. In tandem, offering the benefits employees need to stay happy and healthy enables them to stay focused on their work.
Uniting IdentityForce + EZShield enables us to provide the industry’s top-rated digital identity theft protection and cybersecurity solutions. Our services are designed to continuously secure your employees’ personal data and restore their identity when fraud or identity theft occurs. Our award-winning restoration services are completely managed by our own in-house, U.S. team of certified Resolution Specialists, 24/7.