3 Reasons You Need Incident Reporting Training
We’ve all been there: Opening our email app or checking social media to find that our information may have been compromised in the breach of another big-name brand.
For some, panic ensues, but for none more so than the company that could have prevented the breach or, at the very least, minimized the damage.
The story of a colleague comes to mind. She worked for a company not too long ago that experienced a near miss with ransomware. An employee had fallen for a particularly insidious phishing attack, opened an infected PDF, and unwittingly let ransomware into their internal network.
See Something, Say Something
Fortunately, this employee knew exactly what to do and told the IT team right away. The next 15 minutes saw the IT Director literally running around the small office unplugging network hard lines and telling everyone else to do the same before the ransomware spread too far.
One section of the company’s shared drive ended up infected and locked down, but this company had the proper backups in place. This, combined with the original employee’s quick actions, kept a day’s work on IT’s part from becoming a catastrophe.
But not all companies are this fortunate. Technology is evolving at a monumental rate, and with it come new vulnerabilities that need addressing to prevent catastrophes like these. And while no technical patch can stand as a one-stop solution, there is one area within the organization that can act in tandem with it to create a powerful defense: people.
The truth is, employees are the eyes and ears of our organizations. We need to make sure they’re equipped with the tools and knowledge to do the right thing by reporting potential threats and risks to data security as they happen, not in the potential aftermath of an investigation. A “see something, say something” culture needs to be promoted and encouraged.
3 Reasons for Incident Response Training
Given the human connection, a security awareness training component promoting the importance of reporting potential cybersecurity or data privacy incidents is crucial. Here are three reasons why:
Protected Information can be Hard to Identify
In the findings of our 2018 State of Privacy and Security Awareness Report, when asked how best to dispose of a variety of different types of sensitive information, 20% of employees chose the riskier of the two options (either disposing of unneeded personal information in a shredder or in an unsecured trash bin). Training that teaches what information is sensitive or confidential (both personal and company-related) and promotes best practices for proper disposal can dramatically reduce the risk of sensitive information landing in the wrong hands.
Information can be Compromised in a Variety of Ways
In the same report, one-fifth of employees did not report a variety of theoretical risks to security and private data, as they should have. These include unsecured personnel files, unsecured confidential product information, potentially infected computers, and more. While phishing is the most common vector for cybercriminals, a truly comprehensive awareness program including incident reporting training helps instill the importance of other threats that can plague an organization.
Incident Response Plans Could be Lacking
It may sound like common sense, but you’d be surprised how many companies expect employees to know what to do after an incident occurs without a well-documented and communicated plan. In fact, a recent Ponemon study showed that 77% of businesses lack proper incident response plans. Make employees feel a part of the team with training messaging that speaks directly to them as proactive defenders of your organization’s sensitive data and teaches them what to do in the event that they discover a potential incident.
The good news: MediaPRO’s Incident Reporting course tackles the top three reasons above and teaches employees their responsibilities toward reporting potential incidents that put sensitive data at risk, the different ways these incidents can manifest, and the impacts of failing to report.
If you’re aiming to implement Incident Response Training (or replace an outdated policy or training) please reach out—we’d be happy to help get you started.