When Did You Last Discuss Your IT Security Program?

Initial IT Logo

The costs associated with security breaches or failed policies is a hard hitting, costly percentage to the overall success of business. Preventative measures take time, and the programs need to be tailored to the types of interactions those employees will most often come in contact with. In the past, many IT security policies were part of the HR packet you obtained on the first day at work, signed on the blank line that you would adhere to the agreement and then submitted to HR for the company files.

So how can your security program be effective, relevant and include the staff involvement? Here are three tips that leaders can take to get a more proactive discussion in place:

  1. Start with a natural communication channel that is already established at your company. Companies that have weekly, or monthly staff meetings can introduce a 10-15 minute portion of the meeting that focuses on a recent cyber security topic.
  2. Identify the types of users and the cyber threats applicable to those users. Tailoring the security message to the listening audience will help ensure the audience undoubtedly knows the message applies to the work they do.
  3. Broaden the skills training to incorporate skills employees can use at home as well. The more your employees implement the procedures, the more they will trust and establish a secure pattern of cyber security practices.

Once you have these three steps in place, management teams can compare team discussions to discover strengths and weaknesses within the corporate security policies. The policies are more easily updated and with regular communication channels in place, staff will more likely be engaged with the information in contrast to a pushed email blast or signed document for HR.

initialit.net encourages clients to take the security approach that fits their company culture, risk tolerance and provide them the greatest protection from a majority of malicious attacks. Getting the entire workforce to discuss your company’s security regularly is important and effective. With more staff actively reinforcing the message, we have seen our clients decreasing the number of attacks suffered.