📺 Stream EntrepreneurTV for Free 📺

3 Ways to Make Employees Your Best Cybercrime Fighters Computer security is a top priority, but is your team staying apprised of threats and best practices? Here's how to ensure they are.

By Rashan Dixon

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

erhui1979 | Getty Images

The biggest data breaches are highly publicized, but what one often doesn't see is the behind-the-scenes work that led to discovery and eventual remediation of the damage. A Ponemon Institute study found it actually takes an average of 191 days for organizations to identify a data breach. During that half-year, customer data is exposed, your brand is at risk, and exponential costs are incurred.

A cybersecurity threat is not limited to external factors. The same study revealed that compliance failures can add to the costs associated with breaches by $11 for each compromised record. That means your own team is putting your business at risk.

A Culture of Prevention.

The best attack on cybercrime is prevention -- and yes, that includes policy compliance. So how can you get employees on board with cybersecurity measures?

Engagement is key. Cybersecurity bulletins and meetings mean nothing if employees are not active in preventing breaches and reporting security lapses. Train your staff in personal cybersafety first: how to shop safely online, what to know about Facebook's privacy issues, and how to talk to their kids about cyberbullying. Leading with close-to-home topics will engage your employees in the subject and prove that you're concerned about their personal well-being.

A cyber-savvy culture also requires communication. It's a good thing when workers discuss suspicious emails and other warning signs of hacking attempts, and managers should ensure that those concerns make it to the security team. Encourage open queries in team meetings to keep the staff alert and supportive of cybercrime scrutiny. Focus on your own messaging, as well: Remind your employees that they are the strongest defense you have against cyberattacks.

Related: 3 Benefits of "Zero Trust' Cybersecurity for Protecting Customer Information

Implementing a robust cybersecurity regime is a mountain of a task, which is all the more reason to make sure your employees are on board and compliant. There are key strategies you can implement to engage your team and reduce the chance of a crippling cyberattack against your company.

1.) Pick your point person.

If you want everyone in your organization to be on board with new cybersecurity measures and protocols, it's best to appoint a leader to champion the cause. This person's team will manage all aspects of security and data protection, from monitoring attack vectors to training other employees.

A cybersecurity team should be staffed with individuals who are actually qualified to advise on the legal and technical implications of data protection -- plus the specialists who can carry out their directives. Too often, cybersecurity is added to an already extensive list of duties for IT or administrative workers.

To get a cybersecurity staff up to snuff requires investment. In a 2018 Deloitte survey of chief information security officers in state government, 61 percent reported competency gaps in their cybersecurity staff, and 94 percent of states cited high salary as the barrier to attracting and keeping cybersecurity talent. To alleviate the skills gap, Deloitte recommends partnering with universities, state and local agencies and contractors to bulk up cybersecurity teams.

Related: Addressing the Cybersecurity Skills Gap

2.) Let them know: It could happen to us.

To make sure your team participates in heading off cybercrime disasters, share the why. Make sure employees are fully aware of just how possible it is for an incident to occur at anyone's business.

Share stories of some of the more egregious breaches -- and how company culture or poor decisions enabled them. You're not intending to scare your employees. Caution them about the very real dangers, but assure them that their vigilance will make it possible to prevent or mitigate damage.

One way to do this without being too preachy is to host cyber war games -- mock sessions in which cybersecurity threats are simulated and audited without risk of real harm. When global payment companies, including JPMorgan Chase & Co. and Mastercard Inc., held a combined cyber war game in October, their cooperation helped lay the groundwork for a coordinated response and uncovered new approaches to defense.

Related: 6 Tips to Stop Hackers from Stealing Your Data and Your Business

3.) Keep up the broadcast.

You want to ensure employees are compliant with your cybersecurity plan, but you also want them to enjoy the advantages that come with remote work and bring-your-own-device (BYOD) policies. The best way to do that is to send out signals often to remind them of your best practices. Push notifications through text and email to let your team know of mobile maintenance updates and security measures.

These friendly reminders are an important way to encourage compliance on your team. Hoala Greevy, founder and CEO of HIPAA-compliant email provider Paubox, underscores the need for this regular (but unobtrusive) communication: "Sound policies are essential, but few people remember the employee handbooks they're asked to read on their first day. Likewise, BYOD policies will be easily forgotten without routine reminders." Issuing cybersecurity notifications on a regular basis will keep your company policies top of mind.

By taking these steps, you can create a lasting culture of vigilance and cybersecurity savvy. Given how damaging and costly a breach can be, a compliant culture will benefit your company for years to come.

Rashan Dixon

Entrepreneur Leadership Network® Contributor

Co-founder of Techincon and Senior Business Consultant for Microsoft

Rashan Dixon is a senior business systems analyst at Microsoft, entrepreneur and a writer for various business and technology publications.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Data & Recovery

Invest in Your Company's Cybersecurity with This $50 Bundle

Train to become a certified ethical hacker with this collection of e-learning courses.

Business Culture

Are 5-Day Workweeks Outdated? Exploring Alternative Schedules for the Modern Workforce

Discussing the history and evolution of the five-day workweek and exploring more flexible work schedules that better accommodate the diverse needs and lifestyles of today's workforce.

Growing a Business

3 Strategies to Keep Your Customers Coming Back For More

The critical risk area for losing a guest varies, depending on the industry and the individual guest's experience, but three main touch points offer opportunities to reinforce loyalty. Just remember that they can also drive guests away if not done right.

Starting a Business

Maximize Profits and Achieve Success With These Effective Goal Setting Tips

Join us for this exclusive subscriber Q&A, where Clinton Sparks shares his goal-setting secrets for all entrepreneurs.

Business Culture

Hybrid Work Is Failing Your Employees — Here's Why (and What You Can Do About It)

Business leaders are trying to choose between in-person and remote work. This leads to hybrid, which just isn't effective. Here's why.

Growing a Business

How to Properly Manage the Cash Flow of Your Startup

Ever think financial planning and analysis is just for big businesses? Think again! Startups thrive on solid financial planning, which is key to staying ahead of your competitors.