This post is part of an ongoing series on cyber security awareness. Follow Tallan for more in-depth coverage on security and other related trends in IT.
With so much of the workforce now operating remotely, more people are online than ever before. This heightened climate of connection has created the ideal setting for increased cyber security threats. According to statistics shared by Pbs.org, the collective cost of the ransomware attacks reported to the FBI in 2020 amounted to roughly $29.1 million, up more than 200 percent from the year before.
As many companies continue shifting to long-term remote work, it’s recommended that companies implement a comprehensive approach to adopting proper habits among personnel. Rather than just raising awareness, leadership should focus on altering behavior through a cyber security culture. The idea of cyber security culture refers to an organization’s values partnered with a general knowledge based attitude towards cyber security. A good cyber security culture is one in which organizational and individual determinants align with an organization’s approach to security.
Cyber Security by the Numbers
- Malware and web-based attacks are the two most costly attack types, with companies spending an average of US $2.4 million in defense.
- 34% of businesses hit with malware took a week or more to regain access to their data.
- Ransomware attacks are estimated to cost $6 trillion annually by 2022.
- Credential compromise rose 70% over 2017, and they’ve soared 280% since 2016.
- 43% of cyber attacks target small businesses.
(Source: PurpleSec)
Businesses invest millions of dollars in hardware and software to combat threats but often fail to adequately train their personnel on security procedures. The biggest return on investment may come simply from training staff to adhere to basic security practices while being able to spot hazards. However, it might be difficult to quantify and, as a result, justify the cost. Convincing higher management of the value of investing in employee training and creating a security culture can be a challenge, albeit an important one to tackle. In many circumstances, management does not feel that simply teaching their personnel will lower their cyber risk. Most businesses have invested years and numerous resources into acquiring and developing their data assets. If that data is lost or stolen, there could be a long-term financial impact. Being proactive about early avoidance is ultimately the more cost effective approach.
Companies must explore a more comprehensive approach to ensuring their staff adopts proper habits in the future, as many companies continue shifting to long-term remote work.
Building a cybersecurity culture is one of the most effective strategies for a business to reduce cyber risk. This requires instilling in employees the belief that the threat is real and that their everyday actions have a direct impact. Cybersecurity culture is critical since it aids in the protection of organizational assets, ranging from hardware to data. It must be part of a larger business culture of day-to-day actions that encourage employees to make intelligent security-related decisions. Basic awareness of cybersecurity is only part of a healthy security culture.
Taking the First Step
First, determine the present cyber security culture inside your organization. The objectives for cyber security culture should be be strategic, organizationally aligned, and risk-adjusted. Teams must examine their lived culture, mission, and values, as well as how they influence people’s attitudes toward cyber risk. It’s critical to comprehend the reality of where you’re starting from by studying attitudes and behavior. This will help identify gaps and lead to the design of a transformation plan. As you make improvements to your cyber-culture, try to observe and adjust. Continuing to listen to your employees while understanding how they interact with cyber security is crucial.
A cyber-savvy mindset can help an organization expand through digital trust, increase its consumer reputation, and boost staff morale. Cyber-secure culture establishes an atmosphere where safety becomes standard practice, allowing the entire organization to operate more securely with less effort, freeing up time and energy for essential operations.
Next week, Tallan Architect Marc Jacquard will share an in-depth FAQ on how organizations can approach their cyber security strategy in a more holistic way.
Interested in a hands on demonstration? Tallan and Microsoft are co-hosting a Cloud Security Webinar on November 17th. Click here to reserve your spot.