Recently I had to have a serious conversation with my son about who he accepts as friends on the X-Box. Turns out he was playing and chatting with complete strangers. I was completely shocked as he is extremely bright and very cautious about who he interacts with. His reasoning was that he doesn’t share personal information, like where he lives etc., so he didn’t see what the big deal was. I explained that it didn’t matter, no stranger should have access to his accounts – period. Internet safety is a daily conversation we have with both our children as they are constantly encountering information that could put them at risk or it conflicts with our family values. Some parents may choose to cut off their children’s access to the internet so that they are prevented from seeing/hearing inappropriate content. My husband and I have chosen to take a different approach – we limit our children’s time on the Internet, but we don’t restrict their access. We do require that we can always hear and see what they are viewing, and we encourage them to use the values we have taught them to decide what is appropriate and what is not. Essentially, we have a constant conversation about what they view and how they behave in the digital age. This is similar to how we should be acting at work – we need to constantly evaluate and assess how to communicate and act in this time.
Every Click Counts
Every click and key we press can expose ourselves and our companies to enormous repercussions. These exposures range from an employee saying something offensive on social media, to an employee being vulnerable to hacking and exposing the customer and company data to a breach. We have all seen the headlines, whether it’s a politician, teacher, CEO, etc.; there are ample cases of professionals doing something questionable on the web and the organization they represent being impacted. We hear about the high-profile cases on the news, but most companies are being impacted by employee’s cyber slipups. According to Code 42’s 2022 Annual Data Exposure Report, 76% of Chief Information Officers say their company had some sort of breach in the past 18 months – up from 61% in 2018.
Digital Breach Prevention & Recovery
So, what should companies do to prevent these digital exposures? It’s a two-fold solution – they need a plan in place to prevent digital breaches and be prepared to recover from an incident. The growing theme in the IT world is that you truly cannot prevent a breach as human behavior is so difficult to control, so ensuring you have a solid plan in place to respond to a breach is critical. Some companies are going so far as to have cryptocurrency stored away so they are ready to pay ransom. To help prevent digital exposure, training plays a crucial role. This includes training for cyber awareness and digital ethics. Digital ethics training consists of how to manage oneself respectfully while interacting online. Companies are creating digital ethics policies that help guide their employees on what is expected while using social media.
52% of employees receive cyber training and education on a regular basis –according to the 2022 PWC 2022 Global Digital Trust Insights. And of those 52%, 16% are already seeing benefits from implementing cyber training programs. (Source: https://www.pwc.com/us/en/assets/cyber-global-digital-trust-insights.pdf) To help our members better protect themselves, ESA offers a comprehensive cyber security training course that provides learners info to be better informed on digital ethics and cybersecurity. The four-hour online course cover topics on malware, types of breaches and attacks, social networking security, and extensive prevention information for mobile devices, software and general practices. One of the biggest benefits of training all employees on digital ethics is they will have a greater understanding that protecting the company’s digital and financial assets are not just the responsibility of the IT staff, but it is a team sport that includes everyone, including the C Suite folks. ESA provides bulk purchase discounts for the Cyberthreat Preparedness course to help companies economically train all their team members. To learn more about our Cyber course visit courses.esaweb.org and search for Cyber.