Should your employee training program include cybersecurity?

With costs so high, HR needs to take steps to increase everyone’s ability to identify and prevent risks as they occur.

These days, it seems like there's a new report of corporate data breaches every day. According to the Federal Bureau of Investigation's 2017 Internet Crime Report, cyber crime victims lost approximately $1.42 billion. Furthermore, research from IBM Security and Ponemon Institute revealed the average organization that experiences a data breach loses $7.01 to $7.35 million.

With costs so high, HR needs to take steps to increase everyone's ability to identify and prevent risks as they occur.

Why cybersecurity training is important

Employees in any position within the organization are at risk for cyber crime, even if they do not have direct access to sensitive information. If someone with malicious intent obtains an employee's data, such as his or her email password, they may be able to leverage it into greater access to company data.

Everyone from the CEO down needs to understand the importance of cybersecurity awareness so that he or she can remain vigilant against it. Otherwise, individuals may not realize they are being taken advantage of until it is too late.

When employees learn about the various types of scams that are prevalent online, they will be more likely to report suspicious activity when it occurs. Likewise, they will have the skills and knowledge necessary to avoid these scams when they spot them. Considering the high cost of cyber attacks, all organizations should include cybersecurity as an essential part of all employee training programs.

hacker

How cyber crime impacts businesses

At best, a data breach represents an unexpected cost for an organization; at worst, it is a serious risk to the organization's continued existence. Small businesses are especially susceptible to the negative impact of data breaches. According to research from Champlain College, 50 percent of data breaches occur at small businesses with fewer than 1,000 employees. Furthermore, 60 percent of small businesses fail within six months of a cyber attack.

Larger companies can bear the extreme costs of a cyber attack, but that doesn't mean they escape unscathed. Companies that lose data also lose the trust of their clients and customers. In the long run, this impacts the organization's ability to attract new business or hold on to its current customer base.

"Data breaches cost companies millions of dollars per year, and open staffing firms like us up to litigation," says Navjit Dang, Senior Recruiting Manager for Beacon Hill's Technologies Division in Madison. "We deal with wealth of personal information related to hiring – proper handling and care in acquisition, distribution and destruction of this information is critical to prevent identity theft."

As organizations in every industry leverage connected technologies, they become more exposed to cyber crime threats. Organizations not only have to worry about incoming cyber attacks, but also data leaving the company with an unsuspecting employee. Workers who take work home or with them on the road also represent a significant threat. Therefore, HR must work with leadership to develop policies and programs to encourage safe data practices.

What HR can do to prevent costly breaches

According to the Society for Human Resource Management, HR can help prevent the damaging impact of cyber attacks by showing employees how to identify common scams. Anyone with a business email address is a potential target for scammers.

"If you have employees who have access to your system, you're going to need to make sure they're adequately trained to spot things like malicious emails. You need to run tests, [such as] a test phishing e-mail, and see how many people click on it. That'll give you information on the extent to which your employees are tuned in to [potential scams]," cybersecurity lawyer Michael Morgan told SHRM.

When employees and leaders are aware of the threats and equipped to deal with them, the company will see more opportunities to reduce risk and promote safe and ethical data practices.

To learn more about how to improve operations at your company, visit our resource center today.

Related Resources