How Can a CIO Improve Employee Awareness Regarding Cybersecurity?


Because CIOs have better knowledge of technology, they can help employees handle cybersecurity better. Moreover, most breaches occur due to employee ignorance, and companies are aware of this flaw. In his Accidental Successful CIO blog, Dr. Jim Anderson explains how a CIO can improve employee awareness regarding cybersecurity.
Updating Employees Regarding Cybersecurity
Companies are spending millions in securing their networks and channels, but their weakest link is their workforce. Management, however, cannot evade responsibilities by penalizing ignorant employees.
Studies reveal that 91 percent of cyber attacks are caused by phishing emails. To address that, CIOs are conducting training sessions on a regular basis to spread cybersecurity awareness. These sessions usually cover how to avoid clicking on suspicious emails and using predictable passwords. However, these do not work in the long run.
So, some CIOs are running contests and giving awards to reward employees who put those training materials to use. In fact, companies are trying out different methods to raise employee awareness regarding cybersecurity.
Working on Improving Awareness:
CIOs train some employees who have no previous cybersecurity knowledge. They are then provided incentives for spreading awareness among their colleagues. These trainers conduct classes, start contests, etc. to get the attention of their peers. Peer-to-peer knowledge transfers feel less formidable and are easily comprehensible.
The overburdened workforce usually ignores cybersecurity tests. However, these behaviors change when CIOs gamify tests or apply incentives. Appreciation emails for flagging a suspected phishing email also make employees more vigilant.
Conclusion:
No matter how many security applications companies invest in, employee awareness regarding cybersecurity is what companies must prioritize. Employees are bound to make mistakes. Implementing penalties or forcing them to take cybersecurity training will not work in the long run. An open discussion forum, a non-threatening environment, and gamification of knowledge sessions can change behaviors for the better.
To view the original article in full, visit the following link: http://theaccidentalsuccessfulcio.com/communication-2/can-cios-teach-employees-cybersecurity