Creating a Cybersecurity Culture
By: Chad Knutson, SBS CyberSecurity
Financial Institutions today face many cybersecurity risks. Creating a cybersecurity culture is key to alleviating the risks at your organization. Here are some tips to create a culture of passion for cybersecurity:
- Implement from the top down. Senior management must set the tone for employees to follow suit.
- Make cybersecurity everyone’s job. Whether you’re a teller, loan officer or president, encourage all employees to be vigilant with cybersecurity.
- Communicate regularly. Send monthly emails to employees with cybersecurity tips. Make the tips relatable to your financial institution.
- Train frequently. Conduct cybersecurity training more regularly than once a year.
One of the largest risks for financial institutions is phishing. According to Verizon’s Data Breach Investigations Report, 90% of data breaches that have occurred involve phishing at some level. Set your organization up for success with these tips:
- Create a safe harbor. In a positive culture, employees will report phishing attempts and failures.
- Reward employees for successfully reporting phishing emails. Some organizations tie bonus structures to how well employees perform during phishing tests. Other rewards could include extra PTO days or company promotional product giveaways. Public recognition of their efforts is also a proven motivator.
- Create consequences for those who fall for phishing attempts. If employees fail, require more training.
- Consider an automated phishing solution that sends phishing emails to your staff so you can identify who needs additional training.
Don’t fall victim to cyberattacks. Take five minutes to view my video blog to learn more about creating a cybersecurity culture at your organization.