document.body.classList.toggle('menu-open', show); // Add 'menu-open' class to body.
Search
Close this search box.

Top 5 ways to build a strong cyber security company culture

th4ts3cur1ty.company - Meet The Team - Eliza
Written by Eliza-May Austin
August 28, 2022
Tags – ,

Your cyber security company culture can lead to good and bad. For example, Insider threats make up 5% of all cyber attacks, while phishing makes up 37% (Palo Alto Unit42, 2022), and the vast majority are due to insufficient training of employees, rather than droves of malicious staff.

It’s paramount that a basic understanding of cyber security is adopted culturally within an organisation for it to make an impact. Just like culturally we all lock our front doors to try to limit risks from outside the home coming inbound, we must make strides to equip our employees with the basic skills to conduct their jobs in the most secure way possible without losing efficiency. So, how do we do that?

Building a Strong Cyber Security Company Culture

#1

Protect the organisation’s assets through robust technical controls so that in the event of a human error the entire business isn’t down the toilet.

#2

Training & Awareness. A vast amount of office employees spend their day opening emails, some are employed with the sole purpose of clicking on links and engaging with strangers via social media on the company’s behalf. Telling these employees to not click on links or not to engage with potentially nefarious threat actors over the internet isn’t going to fit well with their role. Teaching employees how to do their job, specific to them in a safe and efficient manner is paramount to successful training and awareness.

(We offer this as a service….. contact us below)

#3

Open door policy for IT and cyber security teams. Everyone in the company needs a clear picture of where they report something they deem suspicious and what suspicious means. Your organisation needs an email address, phone number, or department that everyone knows is the place to go for reporting or to ask questions. It is within the organisation’s best interest that the report is acknowledged and received politely, no one should be afraid of approaching the tech/security team.

#4

Host internal webinars, virtual drop-in Q&A sessions or in person coffee break classes that keep colleagues informed about the good work the internal team is doing to improve security and how that impacts the company’s bottom line. Bringing security into the business discussion gets many different departments interested.

#5

Relating risk to employees’ home life, will embed good practices holistically which will, in turn, benefit the business. Imagine the most boring subject you can think of. Now imagine someone talking at you about that boring subject for 1 hour+…this is exactly how people with no interest in cyber security feel when they have to sit through security guidance at work. Making cyber security about them, their family, and home, peaks their interest in a way talking about MFA and phishing links never will.

Strengthening your cyber security culture is an ongoing journey that requires commitment at all levels of your organisation. For more insights and to discover how our tailored security solutions can support your efforts, explore our Cyber Security Training & Awareness services.

Like what you see? Share with a friend!

th4ts3cur1ty.company - Meet The Team - Eliza

This article is written by Jan Masters

Eliza-May Austin

CEO

Eliza exudes a captivating, no-nonsense demeanour that defines the services provided by th4ts3cur1ty company. As a proud Yorkshire woman, she boasts an impressive expertise in tea, gravy, and local hiking trails. Clients value Eliza’s practical, assertive stance on security, especially in challenging situations. Quietly dubbed the “Winston Wolfe of cyber”, she navigates complex conditions with a calm and strategic approach. Trust her to handle security matters with finesse and to get you out of a bind with determined resolve.