STOP – LOOK – THINK. The three most powerful words in defending against cyber threats.
Over the past 30 years, cybersecurity awareness and education have increased across all industries, such as government, healthcare, and retail. In 1988 the Association of Computing Machinery’s Washington, D.C. Chapter dubbed November 30th as Computer Security Day, increasing awareness around cybersecurity, especially approaching the holiday season. This was prompted by the discovery of the first computer virus, The Morris Worm. October was declared Cybersecurity Awareness Month by the Cybersecurity & Infrastructure Security Agency (CISA), dedicating a month for public and private sectors to work together and raise awareness about the importance of cybersecurity. As a healthcare technology professional, did you do anything in recognition of these?
It can seem like a daunting task to tackle, but with just a little thought, preparation, and use of available resources from government agencies, it can be easily accomplished. In this blog, learn how to leverage awareness-driven holidays to bring focus on the critical nature of cybersecurity, and never miss out on this huge opportunity again!
Driven by ImagineSoftware’s VP of IT and Corporate Security Officer, Anthony Brown, the security team at ImagineSoftware has found the following to be very effective in raising cybersecurity awareness with our team and making cybersecurity a newfound habit:
Posters: As simple as this sounds, the visual reminders in offices/breakrooms/and the like are a great way to keep this on the front of everyone’s mind.
Email Communications: Simple weekly communications with cybersecurity information also serves in helping bring security awareness to the top of our team’s minds.
Gamification of weekly activities: We created weekly games (with meaningful prizes) around cybersecurity tasks or taking additional training or participating in lunch-and-learns. There is some competitive spirit in all of us and who doesn’t like to win something?
Lunch-and-Learns: With lunch sometimes provided by the company or with employees bringing their own, lunch-and-learns always offer an informative open discussion on cybersecurity topics such as email encryption, data loss prevention, or the current and future state of the cyber terrorist activities plaguing both our business and personal lives.
Phishing Tests: This is an ongoing effort with the team, but we always make sure to include one during October. Why? 90+% of all ransomware attacks and data breaches were the result of human error – taking the wrong action with a nefarious email. You must help your team to recognize these and take the correct action, which is NOT clicking the link or opening the attachment and instead alerting your security team. We must practice, practice, practice this – it is your last line of defense, perhaps your only line of defense.
Webinars: ImagineSoftware hosts many webinars for our clients and industry friends, October always includes at least one. If you missed last month’s, it is still available on our website. You might consider doing something similar for your providers and/or clients.
Watch the On Demand Webinar:
These various components may seem simple, but when combined with repetition are extremely effective. It is a good way to emphasize the ongoing training and education you are doing throughout the year; it cannot be a one and done endeavor.
If you would like help or to understand what we leverage at ImagineSoftware to do the above, let’s talk. We are only as secure as our weakest link, so let’s all stand strong, link arms, and turn back this wave of digital terrorism.