Chris Hunter, director at HM Network explains the importance of cyber awareness and educating your team about cyber security to keep your business data safe.
Despite trying to keep work and personal lives separate, there is often a crossover. Many people pick up work emails on their own devices, particularly using personal mobiles. Since the pandemic hit, a lot of people now also use their own computers and work from home.
A quick word of warning. Hackers send malware out in all sorts of ways to try and steal personal and company data. If you fall for their tricks and company data is breached this could be really bad news.
Think before you ‘click’
There have been oodles of social media status updates shared lately saying “oh no, it looks like my account has been hacked” or “if you get a friend request from an account that looks like me – DON’T ACCEPT, it’s not me”.
If you get one of these messages, DO NOT click on it. It is almost certainly a malicious virus that will riddle your device with spyware. It can steal your credentials and then send itself to your contacts list in the hope they may also fall for the same trick.
It might seem like nothing at the time, but stolen personal data will likely be sold to scammers and hackers on the dark web. If you use the same usernames and passwords for various email, social media, subscriptions, banking logons, you should pay particular attention.
Why should we all be cyber aware?
In the workplace, we are often required to have access to sensitive or personal customer data. If a virus was to make its way from your infected device into your work business systems, and this data was then leaked – this is not just an inconvenience. It could become a data breach, which can have very serious consequences for the business.
When it comes to a data breach, this can impact productivity. It can be expensive and time consuming to pin down the problem and remediate the issue. It can also result in significant financial penalties from the Information Commissioner’s Office (ICO).
Educating your staff about the importance of cyber security and how to avoid data breaches could save your business.
Explain to staff why cyber security matters:
- Risk of monetary loss
- Risk of regulatory fines (such as Ticketmaster’s recent £1.25m ICO fine)
- Risk of reputational damage.
How vulnerable are you and your staff?
Humans are vulnerable. We are often busy multi-tasking. Cyber criminals take advantage of this and prey on our weaknesses. The Facebook virus is just one example of how internet nasties use human curiosity to spread malware across a wider audience, often with the objective of finding a backdoor via staff, into business systems where valuable personal information is plentiful.
Raising awareness to staff that humans are the weakest link is essential. With a bit of extra vigilance you can drastically reduce the risk of an incident or breach.
- How do you train your staff about cyber risks?
- When was the last time your staff were trained about cyber risks?
- When was the last time you ran controlled phishing simulations to see who clicks on things they should not?
Many ask “why would criminals target me?” Perhaps it is not you directly they are interested in. Perhaps you have been selected as a weak access point to get into business systems.
Do you want to know how cyber aware your team are?
Educating your team to be more cyber aware in both their personal and professional lives will benefit everyone.
HM Network offers Human Vulnerability Assessments and a whole suite of Cyber Security e-Learning to educate your team.
And, training staff to improve cyber awareness is not expensive, it can be done for less than the cost of a Starbucks coffee a month!
My name is Chris Hunter, I’m a director at HM Network in Preston. When we started our business, we received advice and support from Boost Growth mentors which really helped us get off the ground. Fast forward a few years and we became a Boost & Co partner ourselves as we wanted to help other Lancashire based businesses get help and support, to aid growth.
Our GDPR Express events saw over 1100 businesses in attendance and from the feedback we got, demonstrated that many businesses did not have a particularly good grasp of cyber security or data protection, and needed help.
The General Data Protection Regulation (GDPR) in the UK became the Data Protection Act 2018. This was put into place to protect personal data. Not just against misuse by dodgy sales companies, but to make sure that organisations began taking the right steps to protect personal data in the first place, and ensuring it does not end up in the wrong hands.