By: Kevin Halkerd, Senior Risk & Security Analyst at e4.
How do you get staff on board with security? By making it personal.
Most successful cyber breaches have one thing in common: People. Your company can be protected from every tech angle, with the latest security updates and most advanced threat detection, but it takes just one employee accidentally sharing their password for a major breach to occur.
Human-targeted attacks will remain the number one threat to cyber security and will only keep increasing in volume and complexity this year. As even casual observers have become more adept at spotting emails that don’t look quite right, criminals constantly work at creating more sophisticated traps. This year, we’ll likely see more complex attacks as well as automation and the monetisation thereof, as bad actors leverage and repurpose the likes of ChatGPT and other AI chat tools.
Human error is not only the biggest security blind spot but also requires more effort to remediate. It necessitates training and buy-in, as opposed to a security threat you might patch or reconfigure to a more secure mode. And after all that, your security still depends on the will of those humans to engage with the training and execute the learnings. There are no quick solutions, and any solution in place requires constant reviewing, re-engagement, and reporting.
So how do you get staff members to engage in secure messaging and implement these instructions correctly? By making it personal for and applicable to them.
Because with us, investing is personal.
Our innovative research has one goal in mind –
helping you help your clients reach their personal financial goals. Because with us, investing is personal.
Research is important for innovation, which is essential to growth, in generating ideas for new products and solutions, and in the advancement of existing solutions in the investments business.
The Research Hive was set up within Momentum Investments to provide subject-matter expertise on trends and industry-specific insights. This includes our leading research on behavioural finance,
to help you with those important conversations with your clients. When you see our Research Hive logo it indicates that the research is endorsed by our team applying cutting-edge research.
Ultimately, the aim of our research is to effectively help you help your clients reach their personal financial goals. Because with us, investing is personal
Momentum Investments is part of Momentum Metropolitan Life Limited, an authorised financial services and registered credit provider (FSP 6406).
South Africa already has a security-first culture due to our sensitivity to crime in general. Your toughest challenge is then to broaden the scope of staff members’ security mindset.
Do this by always providing consistent, friendly, and supportive engagement on security topics. If your security team can add value to other staff members’ lives, whether through support, personal advice, or leading by example, these quality exchanges will become a foundation for further interaction. If staff members perceive that they, too, get value out of engaging with security teams and materials, they’ll be more inclined to adopt your overall organisational strategy and awareness mission.
You could tailor such initiatives by:
- Using strong awareness content about the threats most prevalent in your business to regularly keep security in focus.
- Adding additional customised content to such materials to dig deeper and create interest in current trends.
- Sharing ‘inside info’ such as vulnerability notices and remediation steps for consumer phones, tablets, and wireless routers that staff members may use in their personal lives.
- Running routine unannounced simulations and sharing the results with the group.
- Incentivising participation by rewarding star performers – but still supporting stragglers.