Think about the last security training session you attended. Was it boring?
They usually are. Management knows security is important, so they schedule several hours of tedious instruction, trying to improve your approach to security.
That rarely improves security.
Security isn’t strengthened by listening to someone talk, or even reading a guide. Instead, it’s built from the inside by creating a stronger security culture. It’s a process of developing shared attitudes, beliefs, and actions about the approach to cybersecurity.
Until you have that in place, you’ll be at risk.
Developing a solid security culture includes:
Focusing on behavior
According to Verizon’s 2022 Data Breach Investigations Report, 82 percent of security breaches involve the human element. If you want to reduce most of your risk, focus on changing behavior. Security starts from the top down. If management takes it seriously, the staff will follow. Work to provide the tools necessary to keep the entire office safe, then model positive behavior. You can use positive reinforcement as their tactics thwart criminal behavior. Make security a part of your everyday life, not just an event several times a year.
Balance out security training
A lot of practices take an all-or-nothing approach. They emphasize technology and training in chunks, then leave it to chance for weeks - months - at a time. This leaves you vulnerable. Instead, there needs to be a balance in the process. Build it into the way your office functions. Gentle reminders can go a long way if they are a part of your day.
Staying current
The pandemic has changed many things about today’s healthcare, including risk. One report showed healthcare customers experienced a 9,851 percent increase in hacking attempts in 2020, with activity intensifying throughout 2021. Criminal behavior isn’t going away. But you can’t be prepared for things you aren’t aware are occurring. Build in early adoption of various security strategies, and take a zero-trust approach to better secure each of your internal systems.
Train in the moment
Most practices today don’t have time to stop everything for hours of training. That often pushes training off the plate, leaving the office more vulnerable. Why not try training in the moment? Instead of covering in-depth topics, take a “3 minute” approach. A quick training on passwords in the morning can give everyone a chance to strengthen their passwords. Create “tip days” where you send out quick action items people can learn and perform as a part of their day.
Criminal activity is quick and impactful. They get in, take what they want, and get out. Of course, the repercussions can last for a very long time.
Make your approach to security quick and impactful too. Design a security culture that makes security a normal part of the day. It’s the best way to stay safe for the long haul.
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.
