9 Ideas for Small and Medium Sized Business to use during Cyber Security Awareness Month
If you own, run, or work at a small to medium sized business- with the threat landscape in 2019, you should be thinking about the companies’ cyber security strategy. Just because you’re not a giant multinational behemoth, doesn’t mean hackers aren’t interested in your information assets, bank account info, or customer credit card data.
If you have a strategy, or haven’t gotten that far yet, think about making a plan for Cyber Security Awareness Month to get everyone on the same page.
- 2018 Data Breach Investigations Report, Verizon found that 58% of all cyberattacks target small businesses.
- According to the U.S. National Cyber Security Alliance, 60% of small companies are unable to sustain their business more than six months following a cyberattack.
- According to the Ponemon Institute, the average cost for small businesses to clean up after being hacked is about $690,000 and, for middle market companies, it is over $1 million
National Cyber Security Awareness Month takes place every year in October (and is coordinated across the UK, EU, and USA). If you’re not yet training your employees around cyber skills, good digital habits, and how to stay safe online- October is a great way to start your program.
Use our quick and easy ideas below to put a plan in place to build cyber awareness at your company.
Make a Plan for Cyber Security Awareness Month
Use the Themes of National Cyber Security Awareness Month to Focus your Communications.
NSCAM OCTOBER 2019 Theme – STOP. THINK. CONNECT.
Own IT. Secure IT. Protect IT
Find out more.
Or, Pick Your Own Cyber Security Awareness Month Themes.
Here are a few to consider…
Malware and Ransomware
Staying Safe Online
Mobile Device Safety
Working in Public
Securing your Home
9 Ways to Make your Cyber Security Awareness Month a Success!
1. Thread in Continual Learning
October is a great way to get started with a Cyber Awareness Program, however with the amount of cyber threat, digital transformation of business, and technology change in our working environments today- it might not be enough to train your teams on all the behaviours that need to change. Continual learning practices show that streams of reinforcement, encouragement, coaching, nudges, and other techniques are the things that actually move the needle on skills development, knowledge building, and cultural change. Which is what we’re all about. Where could you add in a nudge?
2. Make it an Event
Host weekly meetings or lunch & learn sessions. Bring in a speaker or watch a webinar as a team. There will be many free learning opportunities this month, if you put the calendar invite out now, you’ll stand a better chance of blocking out time for learning and discussion on your colleagues’ calendars!
3. Reinforce with Visual Information
Can you print out a few posters or find some online to purchase at a reasonable cost? Changing the decor can get some additional attention and reinforce key learning points around recognising phishing attacks or staying safe on social media. Think about hanging them in key traffic areas, or use more stealthy approaches and hang them where people might least expect to see them!
4. Play a Game
Phish yourself (with the help of someone from IT!) and award prizes for those who recognise the phishing attempt and ‘do the right thing’ (whatever the policy is at your company). Put together short quizzes or surveys with free online survey tools- award badges and prizes, and publicise widely.
Our entertaining and educational content has something for business and budget: posters, videos, training modules, infographics, memes, and more. It’s different, attention getting, and builds awareness.
CYBER SECURITY AWARENESS MONTH PACKAGES
5. Social Engineer Yourself
Drop a few usb sticks (make sure they are new and clean to use!) in the parking lot with different labels (our favorite all have HR themes like ‘bonus scheme 2018’), put a file on it with learning points around social engineering tactics and the correct use of portable file devices.
6. Make it Personal
Tie in the reasons that people should change digital habits for themselves, not only the company. Protecting ourselves online includes topics such as identity theft, phishing scams, social engineering as well. Helping your staff keep themselves and their own families safe is a great benefit to employees, and helps them tune into your program.
7. Use Videos
Videos are the way everyone wants to learn these days- not that reading is gone, but to convey lots of information in the shortest time possible, videos the way to go. There are free training videos to be found on the usual video platforms (of varying quality and effectiveness, true) but if you’re really in a pinch, they can at least help you start the conversation at your company of the importance of cybersecurity in today’s business environment. Follow the themes above and send out links to your team. If you’re looking for some ideas, check out our pages here: cyber awareness month SME page.
8. Make it Fun
Try to make messages around cyber awareness month positive and motivational (rather than scary, dour, and guilt-inducing). People will tune-out very quickly to un-interesting, dull, or fear-driven content, so keep it snappy if you want to gain your employee’s attention. We prefer a bit of humor (if you couldn’t tell!) to get the messages across, but you can use whatever approach you think fits best for your organisation.
9. Report on Progress
Sending out a report on all the activities you did during you October Cyber Awareness Program showing all the progress made can reinforce learning and the value of the activity.
For more information on how you can get cyber awareness training that is continual, bite-sized, funny and effective for your SME for less than the cost of a coffee per employee, click here.
Follow our twitter feed for tips, tricks, reminders, and shareable content.
And Finally a word from our leader..