Are You the Weakest Cybersecurity Link?

IT professionals have the “hard skills” to prepare for implementing new technology and security, but “soft skills” may be the mortar that’s holding your fortress together. Make sure that you are not the weakest cybersecurity link!

When it comes to networks, we seldom consider how superficial contact determines the extent of their security and effectiveness. If you are in the Information Technology (IT) field, the weakest cybersecurity link at your office could be you. Not enough of us talk about this, but the willingness of our co-workers to approach IT can impact the department’s strength. Indeed, the mental image of the ‘unapproachable techie’ could be preventing you from being informed of anomalies that lead to problems later on.

The little elephant in the room: the myth of the ‘geek’

The Merriam-Webster Dictionary online defines the word ‘geek‘ in a number of ways. Among them: “A person often of an intellectual bent who is disliked” or “an enthusiast or expert, especially in a technological field or activity.”  Neither of these descriptions is very warm – or seems very human. This is how those we consider ‘geeks,’ ‘techies’ or ‘nerds’ are portrayed in popular entertainment and media.

We all know that no group of people is a monolith. There are differences in preference and personality that create variety we miss if we hold on to stereotyped visions of others. While they shouldn’t, people often stereotype. It is not unusual for rifts to exist between and among departments, but this may be your weakest cybersecurity link.

For people who consider themselves to be ‘non-techie’ or ‘not computer smart,’ any contact with the technology department may generate a dense, unspoken anxiety. All it takes is one negative encounter to justify the avoidance of connecting with the IT staff. It may be unfair to expect the technology division to take responsibility for closing the chasm between themselves and the rest of the office, but the benefits of increased ease of communication will be worth it.

Tech help delivered with hospitality

Admittedly, some fields revolve around human interaction, and we expect practitioners to be warm toward others. This does not mean that people in the scientific and mathematical areas are unable to connect with empathy. However, it is possible that professionals of all types discount the power of hospitality – welcoming those who need our help. If you expect this at only hotels and restaurants, consider this: your colleagues are a captive audience and they depend on you.

Of course, we have all met and passed milestones to qualify to provide services in the public and private sectors. None of us wants to feel incompetent or inadequate while at work, where our value is to be confirmed and not questioned. While this article focuses on IT, any department will benefit from displaying a greater appreciation for the opportunity to assist internal customers.

Promote a good service policy

The incident management experts at Milldesk Helpdesk Software stake their success on a combination of excellent IT competency and great interpersonal skills. A welcoming approach, transparency and clear wording contribute to an inclusive atmosphere. Very importantly, help team members feel safe from ‘feeling stupid’ when they call for help. Negative encounters lead to avoidance.

In an area where the unfettered exchange of information is critical to maintaining security and data integrity, one unreported event can spell disaster. Additionally, open informational communication at all times combats the narrow concept of IT personnel as existing solely to put out fires, becoming visible only in emergencies. For greater detail, read the Milldesk article “How about improving your company’s IT staff relationship with your internal users?

How do I implement a good service policy?

1: Adopt an open door policy.
Answer emails, texts and voicemails within a reasonable amount of time; autoresponders don’t count. A real human being should be checking in within 24 hours of any inquiry.

2: Follow up and follow through.
If the problem is not fixable because of a shortage of personnel, lack of a part or a need for more troubleshooting, briefly explain this and give a time to expect an update. This assures staff that their issues are also important to you.

3: Watch your mouth.
The use of acronyms, arcane-sounding language and jargon elevates your speech beyond understanding. A good, down-to-earth description fosters understanding. You may need to practice saying things “in regular English.”

4: Be a respecter of persons.
Each and every one of your colleagues, from the CEO to the front-line employee, is there for a reason. Don’t let them walk away thinking that you believe they are stupid for not knowing something technical. There really is no better way to put this.

Strengthen the weakest cybersecurity link

Who doesn’t want a return on investment? When you implement a good service policy, you may not see an atmospheric change overnight. But over time, you should witness a thaw that leads to increased willingness to adopt new technologies by staff. Your end users may also be more likely to be vigilant and in compliance with security policy. You’ll discover that some people on staff have higher levels of digital literacy or proficiency with certain applications. Encouraged, they could evolve into informal digital mentors and information gatherers. People may look to them to be their digital coaches. These people are called “influencers” in the Harvard Business Review entry “Convincing Skeptical Employees to Adopt New Technology” by business and management expert Rebecca Knight.

From another angle, consider how increased training, exposure and adoption can result in fewer mistakes. Well-trained individuals who feel they have control and a stake in IT are more involved and self-managing. To strengthen the weakest cybersecurity link, this may be very valuable. Technology training and certification leader CompTIA launched a study that indicated over half of data breaches were as a direct result of human error (2016). It must be made clear that information technology is not solely the responsibility of the IT division. Every employee has a part to play in assuring daily processes and safeguarding the privacy of client data.

Finally, implement solid training, positive reinforcement and mutual respect to be the strongest link, connecting IT to the rest of your team. Focus on the desired end results: increased efficiency, better network security and your staff’s belief in you, their safety net.

Anita Davis is part of the GovLoop Featured Contributor program, where we feature articles by government voices from all across the country (and world!). To see more Featured Contributor posts, click here.

Leave a Comment

Leave a comment

Leave a Reply