Addressing the Gap in Your Cyber-security Approach: Staff Training
In the midst of the GDPR and a growing risk of cyber-attacks across industry lines, your organisation has more than likely bolstered their cyber-security practices in the past year. But have all of your staff members received the message?
60 per cent of UK businesses identified that they have a cyber-security skills gap
Recent reports revealed that despite increased efforts and spending in the realm of reducing cyber-risk, over 60 per cent of UK businesses identified that they have a cyber-security skills gap. What’s more, over half of these organisations believe they have an increased risk of suffering a data breach as a result.
Such startling statistics emphasise that your organisation can’t ignore the gap in your cyber-security approach any longer. Indeed, it’s crucial to ensure that all staff members are updated and aware of cyber-related risk management practices in your workplace to avoid suffering the costly consequences.
Make sure all of your employees can help prevent a cyber-attack and comply with the GDPR with this staff training guidance:
- Keep it specific—Avoid using a generic presentation or guide to communicate your cyber-security measures to staff. Make sure employees understand the specific role they play in helping prevent a cyber-attack. This entails identifying threats that different departments are more likely to face (eg phishing, insecure networks or dated software) and ensuring they know how to mitigate their daily risks.
- Make it entertaining—No one wants to listen (nor will they pay proper attention) to a lingering lecture on cyber-security. Be sure your training programme is fun and captivating for employees by utilising hands-on activities or acting out different cyber-attack scenarios.
- Offer incentives—Employees will be much more motivated to practise proper cyber-security measures if they feel valued for doing so. If a worker recognises a cyber-concern and follows correct protocol, make sure you praise their achievement with an award or an all-staff congratulatory email.
- Stay updated—Staff training shouldn’t be a single occurrence. Keep employees updated on the latest threats and risks with a routine training schedule and additional resources.