In an increasingly volatile cyber landscape, one of the biggest challenges facing security leaders is communicating risk and raising cyber awareness across an organisation. In order to increase resilience and maintain good cyber hygiene, it is necessary to convey the need for cyber security vigilance to your workforce and to business leaders. The most effective way to do this is to
put it in a language everyone understands
When discussing and educating workers on the need to follow protocols or when implementing changes to processes, many security experts agree an effective method to use is to make it relatable. This can help to reinforce why rules should be followed and how changes can protect them from opening up the organisation to a breach. It can also aid in raising employee awareness of the need to protect endpoints for remote or hybrid workers. Philip Wagner , Director, Cyber Governance, Risk & Assurance (ITSA) and Deputy CISO of the NDIA , discussed at Public Sector Network's Endpoint Protection virtual event how he likes to convey risk by ‘sharing a relatable story.’ If an employee can grasp the risk, chances are they will grasp why it is important to follow protocols to protect against it.
When talking to boards and business leaders a good approach can be to cut down on technical speak and discuss the business impacts of a breach . Conveying the financial and reputational repercussions of a cyber attack and how improvements can help secure networks and prevent them from happening is more likely to increase understanding of how it will affect an organisation overall. Speaking to business continuity, how preventative methods help to detect and respond to threats before they become a major incident and impact day to day operations, will drive home the importance of good cyber hygiene.
Cyber threats are constantly evolving and changing and it is difficult to grasp if you aren’t an expert in the field. When educating your organisation's workforce on updating protections and mitigating risk, if you can put it in terms everyone understands, cyber security might not seem quite so daunting .
These topics and more will be discussed in depth, by experts, at the upcoming Public Sector Network Cyber Security National Insights 2nd edition on 19 May . You may view the agenda here or secure your complimentary pass here to hear all about evolving capabilities through collaboration, technology and risk awareness .