A common experience led to a partnership based on information security
Information security is not just about computer systems, or information in its digital or electronic form alone, it concerns a much broader field that encompasses information and the protection of information, whether physical or computerised.
Cybersecurity, on the other hand, is defined as the ability to protect or defend the use of cyberspace against cyberattacks.
Based on this premise, MindForest, an expert in change management and organisation, and POST CyberForce, a telecom service provider, IT integrator and information system defence provider, have built a partnership born of their common experience in raising awareness of information security in its global acceptance.
The human factor in the context of cyber threats
Human error is at the root of 75% of IT security and cybercrime problems*. No company, no matter its size or sector of activity, is immune to cybercrime. The latest examples of Cactus, Tarkett or Giorgetti in Luxembourg are there to prove it. A cyber attack can be fatal for an organisation that has underestimated its impact.
Be aware of the internal threat
The main types of attacks in 2019 are phishing (26%), malware (20%) and ransomware (16%)*. The gateway to these attacks is the human being, it can really be said that companies are in danger, but contrary to what one might think the threat is primarily internal.
It is all about being aware of how easily employee or human error impacts the security of an organisation. Careless or uninformed staff are the second most likely cause of a serious security breach*.
Employees can become vectors of attack in many ways: they can be careless, they can be uninformed or their actions can be malicious.
A cyber crisis linked to information security
What is the reason behind the lack of information security awareness among employees? The first thing that can be said is that in many cases information security policies and guidelines are written in such a difficult way that they simply cannot be effectively understood by employees.
Instead of explaining about risks, hazards and best practices in clear and comprehensive instructions, companies often distribute multi-page documents to employees that everyone signs but very few read and even fewer understand.
It is therefore safe to say that there is currently a crisis; a cyber-crisis linked to information security and this crisis can only be overcome by the introduction of a true digital culture in companies.
A necessary change of culture
This cultural change necessitates a change in behaviour. Just like we started wearing masks which has since become a new norm to protect oneself in society. The message to be conveyed here is the same. We need to change employee behaviour in order to raise awareness of their role in information security.
So how can we make employees understand that their behaviour can support or harm information security?
The approach must pass through the implementation of a prevention policy supported by the organisation’s management. In its acceptance, this prevention policy should not make everything secure and stifle the organisation, but rather offer the means to raise levels of employee awareness in terms of IT security.
Focus on the Human
As part of the partnership between MindForest and POST CyberForce, we have put together a programme to raise awareness, engage and consolidate the information security culture of your organisation.
Let us help you
WANT TO RECEIVE OUR LATEST THOUGHT LEADERSHIP CONTENT?
Related posts
Digital Transformation and Change Management: Lessons shared in an event hosted by Cebi and MindForest Can Engagement Help Reduce Absenteeism? Daring to Lead Positive Transformation: What If you explored a disruptive approach to Change with Appreciative Inquiry? Have you Examined the Advantages of Working with Data Analytics yet? Daring to Lead Positive Transformation: How can you implement and manage positive change with success?