Everyone has probably had a similar fear – waking up one morning, getting to work, logging into one of your accounts and realizing all of your information has been hacked and stolen. With rapidly developing technology and Internet usage, being targeted by a cybercriminal isn’t as farfetched a nightmare as one would hope. But there is an upside: with the advancement of hacking abilities also comes the advancement of better security measures.
In last week’s GovLoop online training, “Defend Your Agency Against Cybercriminals Top Tricks,” featured cybersecurity experts who gave insightful tips on how YOU can protect yourself and your agency from some of the slyest cybercriminals.
The speakers included:
- Barry Condrey, CIO, Chesterfield County, VA
- Kevin Haley, Director, Symantec Security Response
Here are some recommended tips from Condrey and Haley that will help you and your agency leverage a cybercriminal-fighting workforce:
- Remember that everyone is responsible for cybersecurity: It is common for people within an agency to believe it’s not in their job description to focus on cybersecurity. But that is a myth! Everyone needs to be proactive in maintaining security standards their agency sets for them.
- YOU are a target: Another common myth is that cybercriminals attack systems and not individuals. Cybercriminals actually target individual people to lead them to access to the information they want.
- Don’t make assumptions: Here’s what to look for: Don’t assume that because you paid a lot of money for a security system means you’re getting high security. It is how you use those systems and your employees’ work that makes the difference; Millennials and Boomers are the ones most likely to leak information. Millennials know how plugged in they are and are more aware of the possibilities of data breach. Boomers have a sense of perspective and even thought they may seem less savvy with technology they are more cautious about potential security threats. You can’t think, “We have nothing worth stealing…” There’s actually a lot of information you have worth stealing that you may not realize, including your customers’ trust in your agency’s ability to protect their information. You never want to lose their trust.
- Have an exceptional work environment: How motivated and enabled does your workforce feel? If you have employees who are overworked and lack engagement, they may be more likely to open an email or click on a link that has a cybersecurity threat than an employee who is actively engaged and knows the true value of their work.
- Educate your employees: Invest in an educational program to teach staff about data security. Make your delivery methods effective, the trainings should be engaging, provide examples of security breaches and how to prevent them from happening to you and make the training fit the employee to make their learning the most effective. At the end of the day, employees like good training.
- Reinforce the basics of your agency’s cybersecurity standards: Use newsletters, department meetings, budget presentations, new employee orientation and employee evaluations as touch-points to educate your staff on cybersecurity. A simple reminder, a few times a week, will make your employees more cognizant of cybersecurity practices.
Don’t let the pace of outside change in cybersecurity become greater than your agency’s. Learn more about protecting your agency by viewing the on-demand version of the online training here.