Each year, millions of businesses fall victim to cyber security attacks. October is Cyber Security Month, so take the time to make sure your business isn't at risk.
As technology advances, organisations are becoming better at protecting themselves and avoiding breaches and attacks. But incidents do still happen.
Last year, according to the Department for Digital, Culture, Media and Sport1, almost half of all UK businesses fell victim to a cyber security breach or attack.
When these breaches do happen, they can have a substantial – and often costly – effect on your business. A survey found that 33% of account-compromised victims cut ties with the companies who suffered from data breaches2. So how can you do better at avoiding them in the first place?
Revisiting your passwords this Cyber Security Month is a great place to start.
Why are passwords so important?
It may sound like a simple question but instilling, in your employees, the importance of a strong and unique password isn’t something that should be overlooked.
Consider this scenario:
A website you use falls victim to a cyber attack and the email address and passwords of its userbase are posted online – yours included.
Scammers now have your email address and your password. If you have a different password for every site you frequent, the hacker will only gain access to that one account, making it easier to mitigate the damages.
However, if you use the same password for everything, the scammer now has full access to your email account, which in turn will give them more information about what accounts you do use and allow them access to those too.
You may think this only relates to your employees’ personal lives, but it affects their work lives in equal measure.
Studies show that 51%2 of people use the same passwords for both their personal and their work accounts. This mean, if one of your employees experiences a data security breach at home, it could also compromise their work accounts too.
What makes a strong password?
So now we’re all in agreement that passwords are important for both our personal and work lives, it’s time to think about how to make a strong password.
The elements of a good, strong password are:
- length (the longer, the better)
- a mix of upper and lower case characters
- numbers (but not in sequence)
- symbols (!@$%!)
- no personal information
The more elements you incorporate into your passwords, the better protection you give yourself against hackers. Learn Amp, for example, has a built-in password strength checker to ensure everyone who uses the platform has excellent password security from the beginning.
But asking your employees to create and remember multiple unique passwords for each account they use is a tall order.
Thankfully, technology has advanced enough to anticipate these concerns and there’s a fairly simple work around.
Enter, password managers and multi-factor authentication.
A password manager is an application that stores and manages your usernames and passwords for various websites. These details are stored securely in an encrypted database accessible only with a master password.
If the idea of all your most important details being stored behind one password worries you – have no fear. Password managers utilise multi-factor authentication.
This means you need two different forms of identification to be able to access your password manager. This often involves sending a text message to your phone with a time sensitive code which will then allow you access to the account.
At Learn Amp, our Head of Operations recommends Last Pass and making use of the multi-factor authentication feature to keep our accounts secure.
Do your research to decide which application will work best for your organisation.
How do I teach my employees about this?
According to government statistics, only 51%1 of senior management get updated on cyber security with any type of regularity.
However, with the costly effects poor cyber security can have on a business, that number should not only be much higher, but it should also include everyone in the company instead of being limited to senior management.
We recently sat down with Reena Shah, Director of Cyber Security, Culture and Strategy at Refinitiv3, to discuss what businesses can do to encourage learning around cyber security.
These were some of Reena’s key takeaways:
Explain to your employees that remote working means that the cyber security risks are different from what they may have been in the office.
Within your weekly or monthly communications, make sure you direct your employees to your knowledge base around cyber security, so they always have access to the learning and tools they need.
Your employees are probably thinking, "what's in it for me?" Stress to them that learning about cyber security for work will also positively impact their personal lives.
Additionally, if you're using an LXP or a next-gen learning platform like Learn Amp, you can deliver the learning materials as and when they're needed through the platform.
For example, if you're finding the number of cyber security related incidents has been rising since your team began working from home, you could curate a Learnlist so your employees can revisit what they need to do to remain secure while working remotely.
Or, if you're trying to encourage the use of a password manager, you could use your platform to direct your employees to an explanatory tutorial.
The more we work remotely, the greater the importance of cyber security on our businesses. The old practices that may have worked while we were all in a centralised office may not work for remote teams.
Now, employers have to think about the risks in each of the households of their remote workers.
Technology has advanced to a point where it’s become easier to minimise the risks involved in cyber security, but employers and employees need to be proactive and do the learning necessary to stay safe.
Passwords may seem like a small aspect of cyber security, but they play a big role - don't overlook them when it comes to learning.
Request a Learn Amp demo to find out how we can assist with your cyber security learning needs.