Creating a Cybersafe Workplace Culture

Cyberattacks are on the rise, and 90 percent of security leaders say their organization is falling short in addressing cyber risk. While corporate leaders understand the importance of developing a cybersafe workplace culture to combat the problem, few know how to make it happen.

At RCM&D, we have guided our clients to adopt a strategic process around managing cyber risk and have provided numerous educational and training opportunities. Still, we have found the most important tool in fighting malicious cybersecurity bad actors is the employees of the organization. It’s important to routinely shine a light on cybersecurity for all employees so they understand the importance of cyberattacks, ranging from financial threats to reputational damage. The human firewall is more critical than ever.

The average cost of a data breach with an initial phishing attack was $4.91 million, according to the IBM Cost of a Data Breach Report 2022.

A 2021 study found that 44 percent of corporate security incidents were caused by employees who fell victim to phishing scams. To address the issue, companies should provide regular training sessions and phishing simulations for all employees to help them spot a phishing attempt and avoid falling prey to the scam. Employers also should instill the value of a cybersafe culture. There should be a process in place if employees fail their phishing simulations where additional training and guidance is provided.

Corporate leaders who invest in cybersecurity set the vision that this is an important initiative for all employees. All companies should have an Incident Response Plan as part of their Strategic Cyber Plan. When a cyberattack occurs, and it will, your company will be able to activate the plan to respond quickly and efficiently.

This fall, Unison Risk Advisors led the “Cyber Protection Webinar Series: Hygiene, Incident and Breach Response,” that is now available on demand as a reference for cyber security planning. The four-part cyber series reviews cyber security from an insurance, legal and technical perspective. The expert panel discusses current potential threats, the importance of cyber insurance, and the protocols to follow that can help your business avoid or overcome cyber and ransomware attacks. To conclude the series, the team leads a cyber tabletop simulation of what to do in the event of a cyberattack.