CIOIT Staff & Team Building

How Can a CIO Improve Employee Awareness Regarding Cybersecurity?

Photo of Indrani Roy Indrani RoyJune 12, 2019
56 1 minute read

As CIOs have better knowledge about technology, they can help employees in tackling cybersecurity better. Moreover, most of the breaches occur due to employee ignorance and companies are aware of this flaw. In his Accident Successful CIO blog, Dr. Jim Anderson explains how a CIO can improve employee awareness regarding cybersecurity.

Updating Employees Regarding Cybersecurity

Companies are spending millions in securing their networks and channels, but their weakest link is their workforce. Management, however, cannot evade responsibilities by penalizing ignorant employees.

Studies reveal that 91 percent of cyber attacks are caused by phishing emails. To address that, CIOs are conducting training sessions on a regular basis to spread cybersecurity awareness. These sessions usually involve how not to click on suspicious emails or use predictable passwords. However, these do not work in the long run.

So, some CIOs are conducting contests and awards to reward employees that put those training materials to use. In fact, companies are trying out different methods to raise employee awareness regarding cybersecurity.

Working on Improving Awareness:

CIOs train some employees that have no previous security knowledge regarding cybersecurity. They are then provided incentives for spreading awareness among their colleagues. These trainers conduct classes, start contests, etc. to get the attention of their peers. Peer-to-peer knowledge transfers feel less formidable and easily comprehensible.

The overburdened workforce usually ignores cybersecurity tests. However, these behaviors change when CIOs gamify tests or apply incentives. Appreciation emails for alerting a suspected phishing email also make employees more vigilant.

Conclusion:

No matter how many security applications companies invest in, employee awareness regarding cybersecurity is what companies must prioritize. They are bound to make mistakes. Implementing penalties or forcing them to take cybersecurity training will not work in the long run. An open discussion forum, non-threatening environment, and gamification of knowledge sessions can change behaviors for the better.

To view the original article in full, visit the following link: http://theaccidentalsuccessfulcio.com/communication-2/can-cios-teach-employees-cybersecurity

Tags
Photo of Indrani Roy Indrani RoyJune 12, 2019
56 1 minute read
Photo of Indrani Roy

Indrani Roy

Indrani Roy is currently working as a Content Specialist for CAI Info India. She has knowledge in writing blogs, product descriptions, brand information, and coming up with new marketing concepts. Indrani has also transcribed, subtitled, edited, and proofread various Hollywood movies, TV series, documentaries, etc., and performed audio fidelity checks. She started her career by articulating a knowledge base for an IT client, and, eventually, went on to create user manuals and generate content for a software dashboard. Writing being one of her passions, reading books is naturally her favorite pastime. When not lost in the world of letters, she is a foodie, movie buff, and a theater critic.

Related Articles

Photo of CIO, Make Your IT Environment Conducive to Gen Z Employees

CIO, Make Your IT Environment Conducive to Gen Z Employees

February 26, 2020
Photo of Ideal Approach for CIOs to Retain Vendor Relationship

Ideal Approach for CIOs to Retain Vendor Relationship

January 10, 2020
Photo of CIOs, Digital Transformation Is Real: Pursue It or Wither Away

CIOs, Digital Transformation Is Real: Pursue It or Wither Away

June 12, 2019
Photo of CCOs Must Team Up with CIOs to Defeat Competition

CCOs Must Team Up with CIOs to Defeat Competition

December 16, 2020
Back to top button
X

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.