By Terry Cutler
Security was once equal to a magnetic swipe of a plastic card along with a friendly wave to the neatly dressed and overworked security guard. In some companies “loose lips sinks ships” meant don’t talk business outside the office. In some cases, employee movement was tracked at every company door by tracking the employee’s magnetic card.
That was security.
These days, security means Internet and Smartphone security, and it is a whole new ball game with billions at risk. Loose lips sink ships now applies to employees social networking and not talking online with strangers, and recognizing a phishing attempt.
But what do employees understand about spyware, Trojans (other than what they read in media), phishing attacks, spamming and hacking techniques? Company CEOs are dealing with this and are offering in-house training to raise the security awareness of its employees. The premise is that knowledgeable workers who have acquired security training will develop a vigorous defense against outside intrusions.
This is what today’s CEO needs to know. His threat to security, and also his weapon against a threat, are the employees.
These employees bring greater value to the workplace, and can be extraordinarily productive, efficient, and add value to the company by fostering a company that has little to no security breaches.
It isn’t that complicated, as some are led to believe. Do employees need to be certified ethical hackers? No, but employees can determine if an email is legit, or not, and recognize a phishing attack.
Yes, companies can even go further by providing high-level security training that could lead to security certification; the cost has to weigh against the number of employees leaving the company. High-level training can be a large expense, yet the return in security could reap rewards.
So there is no question that today’s business is based on, or moving towards, online operations and in the last three years the drive to protect customer data is gathering the same amount of speed, and while CEOs have the entire security system to lose sleep over, employee training in security systems should not be overlooked.
Next week, the myth that companies can guarantee Smartphone security
I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.
I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.