For many, it’s hard to picture a work environment that doesn’t revolve around the use of technology. Digital, cloud-based services coupled with access through mobile and IoT devices have completely reshaped organizations by streamlining business processes and enabling people to work anywhere, anytime. Thanks to these advances, there have also been a variety of recent shifts in how employers and employees interact with each other, ranging from liberal remote work policies companies asking employees to bring their own devices to work.
Often these changes feel remarkable, efficient and convenient, as they make our work lives much more efficient – but these advancements also create concerns around cybersecurity. Many devices contain both personal and professional data , and when we take our work home or on the go with us, we’re not constantly protected by a company firewall, safe Wi-Fi, or other standard cybersecurity measures. Regardless of what industry you are in, online safety is no longer just IT’s problem. Cybersecurity is now a shared responsibility between an organization and its employees.
Naturally, these changes require education and communication around cybersecurity best practices in order to develop positive habits that will keep both employers and employees safe. Getting a habit to stick also requires an organization to develop culture of security in tandem, in which every individual and department is accountable for cybersecurity and bands together with the shared objective of staying secure.
October is National Cybersecurity Awareness Month, which is a great time to look at how everyone can be a part of the cybersecurity solution within their organization. If cybersecurity has not historically not been a priority within an organization, starting a conversation about it can be difficult, whether you’re an employee or an employer. Consider using these tips to start thinking about personal cybersecurity and how that translates into an overall cybersecurity plan within your organization.
Employers can take the following steps:
- Identify which company assets are of greatest value, then ensure security measures are in place. Employee, customer, and payment data are all assets that cybercriminals could leverage via phishing, malware, password breaches, and denial-of-service (DoS) attacks. Begin to develop a formal cybersecurity plan based on your specific needs.
- Set up an alert system. Put a system into place that will alert employees and your organization of an incident. This also includes an avenue for employees to report problems they might notice before they become widespread. The sooner people know about a vulnerability, the faster they can respond and take action.
- Develop a response plan. Practice an incident response plan to contain an attack or breach. Keep in mind the goal of maintaining business operations in the short term while assessing the long-term effects of the cyber incident.
Employees can follow these guidelines:
- Regularly update your device’s software. This is the easiest way to ensure your devices are equipped with vital patches that protect against flaws and bugs that cybercriminals can exploit.
- Take security precautions, even if your company isn’t there yet. Professional and personal information is often intertwined on our devices – especially our mobile phones. Keep all your data secure with comprehensive mobile security, such as McAfee® Mobile Security. Then work within your organization to develop a cybersecurity plan that works for all.