Why staff training is a critical component of cybersecurity
When it comes to cybersecurity, the right infrastructure and software are key, but the secret to complete data safety may be your staff. Not your security staff, all your staff. In fact, according to a recent article for Inc., by Joseph Steinberg, CEO of SecureMySocial, most businesses will have trouble filling cybersecurity positions because, like the rest of the tech sector, there is a talent shortage in this niche.
Steinberg predicts there will be 3.5 million vacant cybersecurity positions by 2021. The unemployment rate in this sector hit zero last year, and there’s no expectation that this will change in the next four years. Meanwhile, the need for cybersecurity will continue to grow. The global damage from ransomware is expected to cost more than $5 billion in 2017, and that figure will quadruple by 2020, according to Steinberg. Cybercrime, in general, will cost the world $6 trillion every year by 2021.
This means spending on security will increase as well. Globally, the healthcare sector is expected to spend $65 billion on cybersecurity products and services between now and 2021. The spending on all security products and services is expected to pass the $1 trillion mark during the same period.
According to Moody’s, competition in the Canadian broadband sector is on the upswing as companies spend on fibre-optic infrastructure. Global investment in secure infrastructure like fibre-optic internet is on the rise as well.
If you’re starting to worry about how much you’ll have to increase your IT budget to cover the cost of cybersecurity, you’re not alone. Perhaps you’re thinking that as a relatively small Canadian business, your operation is unappealing to hackers.
Why hackers are targeting small business
Think again. According to Steinberg, hackers are now turning their attention away from large corporations and are targeting more small businesses and individuals.
Think about this in terms of physical security. Large corporations spend the extra money for locks that are harder to pick, doors and walls that are harder to breach, and security cameras that can alert someone to the presence of burglars. A criminal is likely to choose an easier target, a business with older locks, doors and walls, and a less sophisticated security system.
The best security features are not always more expensive. A fibre-optic MPLS network infrastructure, for instance, the digital equivalent of structurally superior walls and high-quality locks, is no more expensive to install than any other network.
Additionally, changing workplace behaviors can go a long way in keeping your operation secure. It all starts with awareness. According to Steinberg, “people who believe that criminals want to breach their computers and phones act differently than people who don't understand this reality.” He outlines some inexpensive measures that businesses can take in another article in Inc.
Ensuring that your staff understands the importance of security is the first step. Once they understand the significance, you need to provide them with information-security training.
Putting secure internal protocols in place is another step in the right direction. For example, set up internal networks so that your staff only has access to the data they need to have to do their job. This way, if their password is breached, the risk is limited to only the data they can access. You can also segregate the network so that your staff’s personal phones and tablets do not have access to sensitive information. Devices that do log into the network will need to have adequate security in place.
Other useful policies include policies that limit the sharing of credentials. Policies that make it easier for staff to remember their passwords mean they won’t have to write them down.
Company policies can’t replace security products or secure network infrastructure. But according to Steinberg, staff training and internal cybersecurity policies will make all protective measures more effective.