On World Day for Safety and Health at Work, we’ve put together a brief guide on potential cyber stresses to avoid in the workplace.
Are you worried about cybercrime? Does the idea of a data breach keep you up at night? Do you suffer from disquiet at the thought of your employees downloading malicious software?
Then you’re not alone. In recent years, as the workplace has become more digital in scope, such concerns have become increasingly commonplace. This is especially true if you occupy a senior position within your company – not only are you more acutely aware of the threats posed, but you also appreciate that ultimate responsibility lies with you.
Needless to say, this realisation can be disconcerting. More so if you consider the state of play today. Already, it is estimated that the global cost of cybercrime is $1 trillion, which alone is enough to cause anxiety among decision-makers.
However, if that isn’t enough to send a chill down your spine, consider this: cybercrime is ‘more threatening than ever’. Or that the damage to a brand can be monumental. And we haven’t even started on the cost of insider threats.
This kind of unease, emerging out of the new challenges posed by technology, can be assuaged. On World Day for Safety and Health at Work – which this year is themed around workplace stress – we’ve put together a brief guide on potential stress triggers to avoid so that when you do leave the office at the end of the evening, the last thing on your mind is cybersecurity.
Stress #1 – Weak passwords
The paper, entitled The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure, found many instances of poor password practice, with “easily-guessed” and “default” passwords commonplace. Additionally, one case study observed how passwords were not changed on a regular basis, as long as a year in some instances.
How to destress:
- Make the minimum password entry a mandatory mix of symbols, for it to be case sensitive and for it to be long
- Establish regular office-wide “password update days”, which is compulsory as part of your enterprise’s cybersecurity program
- Introduce two-factor authentication for additional security
Stress #2 – Mobile devices
The way we work has changed significantly since the turn of the century, with the digital revolution disrupting traditional practices. We’re now a lot more tech-savvy and mobile-focused, with high-tech gadgets allowing us to work wherever we want and on whatever device we prefer using in the moment.
The latter, explained ESET’s Stephen Cobb in 2012, is known as Bring Your Own Device (BYOD), which, while a sign of the times, brings with it security risks. For example, commenting on the findings of a survey commissioned, he said that some employees engage in “unsafe computing” practices like connecting to the company “via a free or public (and quite likely hackable) WiFi connection”.
How to destress:
- Ensure that all devices that enter into a company network or access work-related documents are protected with the appropriate security solution
- Add a tough layer of protection with encryption technologies (discussed further below)
Stress #3 – Accessible information
In the 21st century, one of the biggest assets for any organisation is their data. It therefore goes without saying that ensuring that you protect your information is a business imperative, yet, as ESET’s Peter Stancik highlighted recently, many fail to do this. Encryption, he says, is a good way of doing this.
His colleague, Mr. Cobb, shares this view, stating in 2014: “Apart from bad publicity and lost business from customers who decide you can’t be trusted with their data, you could also be looking at a million dollars in fines, possibly more [if you’re lacking in encryption].”
How to destress:
- As above, invest in encryption technologies to bolster your security
- Introduce encryption across all workflows, media and devices – if it’s sensitive information, it will appeal to cybercriminals
Stress #4 – Employees
Along with data, employees are an enterprise’s biggest asset, with an article from earlier this year stating that “if you lose your knowledge assets – your people and your data—you may find yourselves in an unrecoverable situation”.
Yet, they are also your biggest threat, as a survey from last year suggested. Interestingly, this is a sentiment that 93% of respondents shared. Clearly, there is a need to fill in the gaps here – it’s essential that all employees are familiar with cybersecurity policies.
How to destress:
- Carry out regular company-wide training sessions on cybersecurity
- Regularly share information about security best practice via email for example
- Consider how to deal with repeat offenders (for example, should employees be penalised?)
Follow all of the above and cyber stresses, while not impossible to eradicate, will be less of a burden on your everyday activities. The end result is that you’ll be happier, more confident and comfortable knowing that you are doing everything in your power to stay secure and protect the interests of your organisation.