There’s no doubt we’ve all had to change our
work habits as a result of the global coronavirus pandemic. Companies have
had to adapt rapidly to smooth the transition to work from
home. But companies will have to do more than adapt if they’re going to make
cyber resilience a long-term priority going forward. As the edge of the network
expands to include thousands of home networks and devices, it’s going to fall
on leadership to establish a culture of cyber resilience, so employees
internalize cyber security best practices instinctively.
What is a cyber resilient culture?
We
asked Principal Product Manager Philipp Karcher what a cyber resilient culture
is and what it takes to establish one at an organization. He said a culture of
cyber resilience recognizes that everyone – not just IT – has role in cyber
security. Karcher defines cyber resilience as the application of the same
principles of IT resiliency so that employees:
Business benefits of security training
When businesses internalize this culture,
they’re better prepared, better able to respond and better positioned to experience
growth, Karcher says. Asking employees to devote time and effort toward
security awareness is an investment in the future of the business.
On the other hand, businesses that don’t actively
work toward a culture of cyber resilience are more vulnerable to cyberattack. Their
employees are more likely to practice poor password hygiene, click on something
they shouldn’t and make other mistakes, like misconfiguring access rights or accidentally
sending someone the wrong file.
Cyber Resilience training delivers results
While IT resilience focuses on hardening data
and applications, your overall cyber resilience as an organization depends
equally on making users resilient. This should include a program of training
and communication on security issues employees need to be aware of and education
on how to properly respond to incidents.
We believe that when
you look at the results of Webroot’s training program, it’s no wonder why it
was recognized as a Strong Performer in The Forrester Waveâ„¢: Security
Awareness and Training Solutions, Q1 2020. According to data from the Webroot
Threat Research team:
Webroot
also partnered with leading cybersecurity education
content provider,
NINJIO, to deliver engaging three-to-four-minute Hollywood-style micro-learning
videos that
feature updated COVID-19 content and encourage cyber resilient behavior, like identifying
phishing emails and malicious URLs.Â
In addition to regular employee training, Karcher
says businesses should publish regular communications on security topics in the
form of emails, internal social media, posters and videos. Examples include
coverage of real-world threats they need to defend against in their work and
personal lives, and industry news about other businesses that were adversely
affected by attacks.
Cyber resilience can only become a part of
culture through sustained, long term engagement – not just annual check-box
training.
Interested in implementing a culture of cyber
resilience? Take
the first step here.
