4 Ways to Build a Culture of Security in Your Organization

Posted on September 30, 2020 by Eugene Bekker | Director, Technology & Security in Business, Business Resources, Corporate Protection, Small Business Protection

remote worker using multiple connected devices

Why Workplace Security Depends on Employees

October is National Cybersecurity Awareness Month (NCSAM), and since its inception more than 17 years ago, it has been led by the U.S. Department of Homeland Security and the National Cybersecurity Alliance. This year’s theme encourages you and your organization to “Do Your Part. #BeCyberSmart.”, referring to implementing stronger security practices, raising community awareness, educating vulnerable audiences, or training employees.

Hackers, viruses, and malware can infiltrate Small to Midsized Businesses’ (SMBs) systems from many different entrances, and each employee — regardless of the industry or their position — is a gatekeeper. Security shouldn’t be an intimidating or abstract idea in your company — it should be rooted in every action and business process, reducing human error and failures, which lead to almost half of all data breaches. A culture of security needs to be persistent and ever-present.

4 Ways to Build a Culture of Security

National Cybersecurity Awareness Month is the perfect time to kick start your organization’s culture of security. Start putting these ideas into motion and you’ll immediately improve your company’s odds of keeping sensitive information away from prying eyes. To build a culture of security in your workplace, here are a few big things you can do to get started:

  1. Increase awareness – Many of your employees probably want to help keep the company secure, but they don’t know how or don’t know enough about the current cybersecurity landscape — teach them. The resources shared above are a good start.
  2. Create a security community – Gather people from different departments and job levels to lead the security charge among all employees. Have them meet at regular times to develop internal programs that bring everyone together and eliminate an “us vs. them” mentality.
  3. Incorporate security into everything – Your mission statement, employee handbook, company-wide speeches by the CEO — find ways to work your commitment to security into as many communications as possible to drive the point home that security is a major focus for your organization, and it is truly everyone’s responsibility.
  4. Make cybersecurity fun – Workplace security doesn’t have to be something that is seen as a burden to your entire staff; find ways to make it fun! Publicly recognize employees who go above and beyond when it comes to cybersecurity and offer prizes or rewards. Create games, hold workshops, and try to find ways to engage your employees and reinforce the best cybersecurity practices at the same time.

Consider the following guidelines based on this year’s NCSAM theme to encourage personal accountability and practice best security practices:

If You Connect It, Protect It

Owning a device that is interchangeably used for business is a serious responsibility. Take the appropriate steps to protect your company’s BYOD devices:

Securing Devices at Home and Work

Securing company devices, especially while working remotely, is the first line of defense against cyberattacks.

Securing Internet-Connected Devices in Healthcare

Many healthcare organizations have outdated IT systems and lack focus and investment in cybersecurity tools, which puts consumer sensitive and medical information at risk. Whether you work in the healthcare industry or if you or your company has been targeted by a data breach, here are some resources to use personally and share with your colleagues.