Any organization’s staff members continue to be a weakest link of operations since they harbor information that help grow the organization or bring it down.
Cybercrime, according to white-hackers has lately become a major problem for organisations owing to the employees increasingly becoming the targets through which networks are broken and sensitive data stollen. Over 90% of all successful cyber-attacks are said to result from information seepage, unknowingly provided by employees.
Finding by the latest 2018 Global State of Information Security Survey by PWC reported a 58 % increase in the number of employee-related security breaches and almost half of the respondents admitting to not having a security awareness training program in place.
But loud as the cyber attacks may sound, some organisations especially within East Africa are still reluctant to step up the security ladder. Lack of proper security built-in mechanisms makes organizations susceptible to any single attacks. The forth coming Cloud and Security Summit that will be hosted in Kigali, Rwanda on the 28th and 29th April 2019 at the Mariott hotel will among other things elaborate on how to effectively promote the importance of cyber security in organisations and even at individual front.
Effective Security Strategy
Security should be built into the culture of an organization or a country, to ensure that every person within understands insecurity and the far-reaching impact that a data breach can have.
Rwanda Information and Systems Authority (RISA) has enabled for such an arrangement and holds an annual cyber security campaign week, this year’s climaxed by the Cloud and Security Summit that will be at the Marriot Hotel. During the annual security awareness week, citizens are taught on cyber security awareness and its importance.
Keep Defensive Practices up to date
Security policies could become useless unless organisations have a thorough and continual way of monitoring cyber security compliance. The security landscape is constantly shifting and evolving so it is vital that employees are continually trained to ensure they can respond appropriately to the most up to date security threats.
Recently in Kenya, the Director for Criminal Investigations published 153 names of electronic fraudsters who singularly targeted financial institutions. This could have been as a result of information leaks done unknowingly by unsuspecting Kenyans. Just how safe data is and what data should and should not be shared still boggles minds.
Security Awareness Training
Human error remains the number one cause of a cyber-attack (Humans are the weakest link). Effective security awareness training is essential in enabling staff to identify and respond appropriately to the growing range of any security threats. All employees, at every level of the organisation should receive such trainings to ensure they have the skills required to identify an attack.
Cyber Security Awreness trainings should be engaging and informative to ensure that staff understand what is required of them and the importance of their role in safeguarding the organisation’s sensitive data.
Just like Rwanda does a week-long security campains to build a culture of enhanced security compliance, organisations should persistently train and retrain staff on security details to ensure complete retaining ability of the awareness how sensitive data on systems are and to ensure procedures are followed correctly when data is shared within and without the organization.