Cybersecurity is a must for modern businesses: Cybercrime accounted for more than $1.33 billion in monetary damages in 2016, according to a report on Statista. While companies are deploying numerous security measures, cybersecurity only works as well as the weakest link — meaning employees who may not be up-to-date, or onboard, with security routines have the potential to let breaches occur.
So, how do you get employees to comply with cybersecurity procedures, for the good of not only the company and its clients, but also for the employees themselves? Below, seven members of Forbes Technology Council provide insight into how you can shift the way employees view cybersecurity compliance and improve overall digital vigilance.
1. Establish Awareness
Establish a cybersecurity awareness program. Conduct frequent mandatory employee training and other related cybersecurity interactions. Share examples from our day to day. Establish simple cybersecurity rules and procedures that employees can easily understand and adopt. The weakest link is the end user. Deploy procedures and tools for cyberthreat exceptions, including user behavior analytics. – Guy Yehiav, Profitect
2. Treat Data Seriously
Today, what used to be private is now no longer the case. In 2013, approximately 40 million Target customers had their names, numbers, emails and credit card information stolen. This is the consequence of a company not treating data seriously. Strong habits, both personal and organizational, surrounding cybersecurity need to be instilled at all levels to create a culture of ethical compliance. – Marc Fischer, Dogtown Media
3. Make It Personal
Making it personal helps with empathy. After the 2016 election, cybersecurity and phishing is on everyone’s minds. Employees are happy to comply when it’s clear that a company isn’t just protecting vital client information, but details about each employee as well. – Q Manning,Rocksauce Studios.
4. Make It Easy
Today’s workforce has grown up using cloud applications that are easy to onboard and use. There is an expectation that business applications should follow those same design principles — that they are just as easy to implement, understand, use and collaborate with little training or manuals — as the tools they use at home. Adoption grows when they have access to business tools like that. – Jan Arendtsz, Celigo
5. Improve Understanding
Any form of resistance that comes regarding compliance is usually due to lack of understanding of the potential risks and low effort to reward ratio. Therefore, in order to improve buy-in, the company must make each employee understand how cybersecurity procedures can pose a threat to their work and, secondly, make the process to opt-in super seamless, especially if it’s a frequent case. – Devashish Sharma, CoHo.
6. Give Employees A ‘Why’
These days, people want to find purpose in their work and make a difference in the world at large. Rather than focusing on how company profits increase with cybersecurity compliance, the focus should instead shift toward the fact that they help prevent the proliferation of cybercrime. Giving an employee a “why” will help them connect to the cause and increase their likelihood of meeting compliance. – Tony Raval, IDMERIT
7. Articulate Clearly
Clearly articulate the need and the importance of cybersecurity procedures and how it safeguards the company’s interests. Before you roll out any measures, get feedback from the stakeholders and incorporate them before launching company-wide. Recognize that there will be differences in access levels and cybersecurity needs among various departments of the company. – Bala Pitchandi, Justworks. – Forbes