Many aspects of a company or organization, such as internal & external communication, customer relations and data storage, are digitalized. While this has its advantages, it also represents risks & threats that all companies & organizations need to prepare for. According to the ANSSI’s latest “panorama” report, cyber-security awareness is essential to ensure optimum security for employees & the company.
What is the role of cybersecurity awareness?
First of all, the aim of cybersecurity is to reduce risks in the world of cyberspace: to protect systems, networks and programs against cyberattacks. According to IBM, 85% of corporate cybersecurity incidents are linked to human failures. Raising awareness of cybersecurity also helps to minimize these incidents & to understand the various existing threats. The aim is to know how to act & react responsibly, so as to avoid certain bad practices such as :
- Click on a malicious link;
- Download an infected attachment or virus;
- Transmit personal information to malicious persons;
- Disclose personal data;
- Losing (unsecured) data that can be misused…
All these attacks can have serious consequences for a company or organization, such as data loss, financial, organizational, legal, regulatory and reputational impacts, etc.
What can be done to raise awareness of cybersecurity among employees? (Non-exhaustive list)
- Train employees at all levels in digital hygiene: IT-Gnosis recommends the ANSSI MOOC or EC-Council’s CSCU, Certified Secure Computer User. It provides users with the knowledge and skills they need to protect their most important information. It also enables them to understand the various IT security threats;
- Carry out regular awareness-raising activities: for example, doing some checkpoints and illustrate what you’re saying with concrete examples of cyberthreats & test your staff’s knowledge as often as possible;
- Draw up an IT charter accessible to all, so that everyone can refer to it;
- Organize simulated attacks to help employees recognize fraud attempts;
- Implement strict guidelines for creating & managing passwords;
- Encourage the use of two-factor authentication;
- Use posters & other visual reminders.
Cyber-security awareness concerns every user, every employee. It’s a collective responsibility. As threats evolve, companies and organizations must also be able to adapt and keep abreast of them, in order to counter them as effectively as possible.
In October, for Cybersecurity Month, IT-Gnosis will be sharing tips & advice on its LinkedIn page. Don’t hesitate to follow our page!