Cyber Security for your network is more than hardening it’s attack surface against the outside world using firewalls and locked server rooms. You must also consider threats from within your network – namely your employees.
Here are 9 tips regarding employees and cyber security
- Have regular training sessions on cyber security. Explore different types of attack scenarios.
- Quiz your employees on their knowledge of cyber security. This will help detect areas of weakness and enable you to fix any weak spots.
- If your company does suffer a breach inform all employees immediately. It’s important to be transparent and inform your employees how to speak to clients and the general public regarding the breach.
- Encourage all employees to speak up regarding suspicious activities such as suspicious emails or phone calls.
- Teach employees about Social Engineering. Many attacks begin with a phone call or an email from someone pretending to be an employee of the company.
- Assume that your business will be infiltrated and train your people how to react in the event an attack occurs. They should know the emergency IT support contact information and basic remediation such as unplugging their computer from the network.
- Senior management is often the focus of cyber-attacks as they have access to more information on the network. Make them aware of steps they can take to protect themselves.
- Have all employees sign an internet usage policy. You can find a sample policy here.
- Prior to firing any employee it’s imperative to inform IT staff in order to disable that employees access to network resources and email.
If you are technically inclined and wish to be informed of cyber security threats currently out in the wild I recommend that you subscribe to the SANS newsletter.
“The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet’s early warning system – the Internet Storm Center.”
You may sign up for the newsletter on their website here: https://www.sans.org/account/login