⚡ Get All Content for 20% Off ⚡

Battling Cyber Threats Begins With Employee Education Even the best of software and technology is useless without appropriate human training.

By Kelly Ricker

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

Shutterstock

Technology is a driving force for organizational goals. The rapid adoption of cloud computing and the widespread availability of mobile devices and apps has moved technology from serving as simply a support mechanism to the critical differentiator in the way in which companies operate day-to-day and in how they prepare for the future.

As technology grows in its importance, so does the issue of security. Companies of all sizes consistently rate security as a top priority among all of their technology issues. Clearly businesses seem to understand the importance good security practices. But are they taking the right steps?

Related: 7 Cybersecurity Layers Every Entrepreneur Needs to Understand

Companies have good reason to be concerned. The threat of cybercrime is very real and the impact of becoming a cybercrime victim is potentially catastrophic.

In its "2015 Cost of Cyber Crime Study" the Ponemon Institute found that the number of cyberattacks against governments and commercial enterprises continues to grow in frequency and severity. The average cost of a single cybercrime is $7.7 million. While this figure is skewed by large enterprises, the per capita cost for a small business ($1,388) is significantly higher than the cost for a large firm ($431).

Large or small, public or private sector, all organizations must embrace a comprehensive approach to cybersecurity that's built on the foundation of three critical elements: risk assessment, new security tools and the human element.

Risk assessment.

Assessing risk is not a new concept for businesses, especially within firms with a strong project management mindset. But the time has come for more organizations to engage in and apply a rigorous analysis of its security practices.

Typical analysis activities include determining the probability of a risk, estimating the potential impact, and determining mitigation strategies. The time and effort involved in building mitigation is directly related to the probability and impact. A high probably/high impact risk requires much more robust mitigation than a low probability/low impact risk.

Related: Why Small-Business Entrepreneurs Should Care About Cybersecurity

New cybersecurity tools available.

Firewalls may not be a complete security solution anymore, but they are still a critical part of the security preparedness. Companies may need to update their firewall, as their function has evolved from filtering traffic to restricting traffic.

Other new security tools to consider include Data Loss Prevention (DLP) technology, which tracks data to watch for inappropriate behavior; and Identity and Access Management (IAM) recognizes users in individual applications and gives them proper access.

Human element and training.

Research by CompTIA and other organizations consistently shows that the main cause of security breaches is human error by employees, who either don't follow policy or haven't received the training that would alert them to a potential security threat.

Too often, though, companies ignore the risk that's present every day within their four walls. According to an October 2015 CompTIA-commissioned survey of 1,200 full-time workers across the U.S. titled "Cyber Secure: A Look at Employee Cybersecurity Habits in the Workplace," 45 percent say they do not receive any form of cybersecurity training at work. We can't expect employees -- the first line of defense -- to act securely without providing them with the knowledge and resources to do so.

Related: CEOs Can No Longer Sit Idly By on Cybersecurity

Complicating the cybersecurity challenge for organizations is the fact that they are dealing with multiple generations in their workforce. Baby Boomers, Gen Xers and Millennials each present unique security challenges and risks to organizations. For example, 42 percent of Millennials have had a work device infected with a virus in the past two years, compared to 32 percent for all employees. Age also factors into security awareness. 46 percent of Millennials are familiar with two-factor authentication, compared to just 21 percent of Baby Boomers.

With the wave of new workers coming into the workforce, organizations need to take extra precautions and make sure they have effective training in place. Companies can't treat cybersecurity training as a one-and-done activity, or something that's only relevant to the IT department. It needs to be an ongoing initiative for all employees throughout the organization.

The best security technology products and the most comprehensive policies and processes won't work without appropriate human action and intervention. Spreading cybersecurity awareness, knowledge and training throughout the entire organization, from the receptionist at the front desk to the CEO in the corner officer, is essential. Otherwise, organizations run the very real risk of becoming the next cybersecurity victim.

Kelly Ricker

Senior Vice President for CompTIA,

As the senior vice president of events and education for CompTIA, Kelly Ricker is responsible for setting the association's IT channel education and event strategies and overseeing the department that is responsible for producing CompTIA's channel education products and live events, including the annual Breakaway conference where more than 1,100 channel executives gather for business and training. Ricker  currently serves on the Corporate Event Marketing Association (CEMA) Industry Advisory Board and the Meeting Planners International (MPI) Membership Committee. She is a graduate of Miami University in Oxford, Ohio, where she majored in Public Relations.

?
 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Side Hustle

The Remote Side Hustle a 43-Year-Old Musician Works on for 1 Hour a Day Earns Nearly $3,000 a Month: 'All From the Comfort of Home'

Sam Ziegler wanted to supplement his income as a professional drummer — then his tech skills and desire to help people came together.

Marketing

Ever Wonder Why Certain Websites Rank Higher Than Yours? This SEO Expert Reveals The Secret to Dominating Search Results

It's often the smart use of SEO, now supercharged with AI, particularly in keyword optimization.

Franchise

The Top Franchise Brands Growing Globally

While our main Fastest-Growing Franchises list focuses on North American growth, more and more brands are looking to grow worldwide. These are the 25 that had the greatest franchise growth outside the U.S. and Canada from July 2022 to July 2023.

Business News

AI Is Impacting Jobs. Here Are the Gigs Affected the Most, According to an Analysis of 5 Million Upwork Postings

The researcher said in the report that freelance jobs were analyzed first because that market will likely see AI's immediate impact.

Leadership

Former Interrogator Shares 5 Behaviors Liars Exhibit and How to Handle Them

Five deceptive behaviors to look for and how to respond to those behaviors when you encounter them.