Cybersecurity is not just an IT problem – it is a people problem. Like many of you the majority of my time at work is spent online, whether communicating with clients, accessing information or creating content. It is not therefore surprising that in most cases, cyber breaches happen through honest mistakes or well-meaning employees doing things unwittingly. While it is important to put in place technology measures to prevent cyber breaches, it is equally important to educate your employees on how their behaviour impacts cyber security. Is it really ok to send confidential documents to your personal email to work over the weekend? Is it ok to open emails and click on links from people you don’t know? What would happen if your unprotected work laptop was stolen? Educating your employees as to how their behaviour can affect the security of your business is critical. A simple way to do this is to put an internet policy in place that your employees are aware of and can refer to. At a bare minimum, the policy should deal with password protection for devices, an email policy (covering issues like opening emails or clicking on links from unknown sources), and using protected browsers and verifying information at the source.
Employees are the weak link when it comes to cyberthreats on corporates, according to the man who was once the FBI's most-wanted hacker.