Over the years and throughout our research, we’ve come to a conclusion: culture can be just as important to cyber security as the technology itself. Here’s how:
A stressful workload
When people are under stress or have little time, they’re not always paying the closest attention to the types of emails they’re clicking on—and are therefore more likely to click a suspicious email or link.
Lack of focus on in-person communication
Oftentimes, coworkers will email one another from across the room. We totally get it, but these habits can cause lack of concern when a hacker poses as your coworker, instead. If your coworkers regularly send you links, this won’t seem as suspicious.
A harsh environment
Is it normal for an executive to demand something like a money transfer to a vendor or a large purchase with no questions asked? If so, there might be a problem with more than just potential phishing.
Lack of focus on education
Without educating employees on the risks of cyber crime and the warning signs, they can’t be to blame. Encouraging employees to question requests, double check records, and pay closer attention to links and email addresses is critical in improving overall cybersecurity.
Choosing the easiest route
Stressed employees are likely to choose the easiest route for them to share or store information, despite whatever policies or security practices are mandated by the company. Employees acting as “shadow IT,” choosing and using their own IT solutions, are a serious issue for security, but IT teams must realize that ease of use should be among their primary considerations when selecting and implementing business technology.
Not viewing security as an asset
Security needs to be seen as a strategic asset that impacts the bottom line—one that needs to be looked at and updated. In an environment where consumers and other businesses have many options, secure business operations can be a strong competitive differentiator.
Culture is more than just a foosball table and a keg. It’s your outlook—and it impacts more than just your employees’ happiness. Do any of these apply to you?