Building a Culture of Security – “Elevate” Your Awareness
As part of National Cybersecurity Awareness Month (NCAM), VITAL strives to share topics that broaden everyone’s view on the importance of cybersecurity training and awareness. Unfortunately, a lot of small businesses still feel that the security news and sensational headline buzz does not apply to them, “as hackers just want to attack the large enterprises as there must be more to steal”..statistics show this could not be further from the truth as 50-70% of SMBs have experienced some form of cyber attack…(Security Magazine) SMBs often overlook the role they play in their broader supply chains or lack an understanding about where their company fits within the 16 Critical Infrastructure Sectors.. For example, HVAC (Target Breach?) welders, machine shops and manufacturers etc. possess data, blueprints and details on critical infrastructure that bad actors (hackers) want to steal from you.. You need to build awareness and commit to security practices to best operate in this highly connected world. The Department of Homeland Security states “There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”https://www.dhs.gov/cisa/critical-infrastructure-sectors So, as a Small Business owner or the owner of an MSP, how does this involve you ? Yes ! SMBs and MSP owners alike participate in many broader business integrations that touch in some way, shape, form these critical infrastructure sectors. This headline caught our eye today.. “US Elevator Industry Group Calls for Tighter Cybersecurity” “What we are seeing is that the job of the elevator mechanic of the future will be more technology-focused—more computer knowledge will be expected, and they’ll be doing a lot more of their job behind a computer screen and not with wrench in hand,” (Engineering News) This demonstrates that cybersecurity awareness and the need for training is quickly creeping into many “non-traditional” areas of business where a focus on Cybersecurity has been overlooked and no one likes to be in the “catch up” position. But, it does not have to be a game of catch up. It starts with promoting awareness and embracing training your employees to become more aware. At VITAL we promote the business benefits of cybersecurity training and helping your organization build a culture of awareness. For the team here at VITAL, it’s not just about getting your employees compliant with security training, that is the minimum.. A culture of security commitment is the new minimum and it starts at the top of the organization, exciting and activating your employees to become committed to security training. Leading by example yields great change..