January 02, 2014 by Carsen
2013 brought many security breaches, but start the year off with a more secure organization
Security breaches reached record highs in 2013, and a recent UK survey by the Department for Business Innovation & Skills shows that 42 percent of large organizations don’t even provide ongoing security awareness training to their staff. The number of breaches is alarming and should urge you to provide ongoing security awareness training for your organization, no excuses. First, understand the statistics below; second, take this knowledge and start 2014 with a more secure organization to avoid becoming a statistic.
Here are some other alarming key findings from the survey:
- 93 percent of large organisations had a security breach last year
- 87 percent of small businesses had a security breach in the last year (up from 76% a year ago)
- 36 percent of the worst security breaches in the year were caused by inadvertent human error (and a further 10% by deliberate misuse of systems by staff)
- 57 percent of small businesses suffered staff-related security breaches in the last year (up from 45% a year ago)
What does this mean for you?
Both large and small organizations are vulnerable to security breaches, and human error is a main cause. Take these threats seriously and provide ongoing awareness campaigns in your organization that promote a security-minded culture. Security is everyone’s responsibility (not just your CISO or IT Security Manager but everyone in the company).
What type of program should you look for?
You need a program that highlights individual responsibility, as your organization’s security depends on all employees’ safety habits. Look for a security awareness program that is engaging, interactive and focuses on key topics, threats and vulnerabilities that the workforce is facing.
We suggest having a complete awareness package that includes posters, newsletters, email templates (with best practices and recent scam alerts), short, focused quick-tip videos, refresher courses, complete eLearning security awareness courses (with certificates of completion) and simulated interaction that tests learners on their security knowledge and practices. Ongoing follow-up, reminders and messages from company leadership continue to highlight the importance of security within the company.
What topics should be covered in an awareness program?
Topics should include at least the following: phishing threats, social media security, mobile security, internet safety, email best practices, password security tips, physical security and identity theft.
For more information on training options and courses, check out Global Learning System’s eLearning library of awareness courses.