Every day the cyber security landscape is becoming a bigger cause for concern. Statistics show that in the first seven months of 2021, individuals and organisations in the UK lost £1.3bn to fraud and cyber crime.
With many UK employees now returning to the office (on both a permanent or hybrid basis), it’s important that leaders champion cyber safety with the correct internal communications throughout this de-transition. Keeping your organisation safe from cyber criminals starts with your people.
1. Fresh start, fresh IT policies
With many of us out of the office and returning for the first time since March 2020, it’s no surprise that some (or most) of us will be out of practice when it comes to our cyber safety behaviours.
In preparation for your people returning back to the workplace, make sure to revisit your existing IT policies and refresh them where necessary. If you don’t have IT policies written up, this is the right time to put these together.
Why is this so important? The reality is that working from home, many of us have become lax about password safety, device updates, logging into public Wi-Fi networks, locking screens, among a multitude of other potential threats.
Some of your employees may have changed their passwords from something strong to something weaker to make logging in faster. Some may have neglected a system update for months on end. Some will be used to walking away from their desks for lunch without logging off. Some will have company documents downloaded onto personal devices. And so on and so forth.
Refreshed policies give you the opportunity to address these potentially harmful behaviours and clearly state the expectations that you have for your people on their return.
Employee engagement is also likely to be high as employees return and settle back into their pre-pandemic life - a bit like going back to school when you were a kid. Take this opportunity to push out communications that you need to be noticed.
Communicate these changes in bite-sized chunks, on social media, your company intranet, or on Teams using announcements, and remind employees that their return means additional responsibilities when it comes to cyber safety.
2. Have fun with it and stay relevant
With your people heading back in the office they will be sure to have their hands full. Remember to make cyber safety awareness fun and relevant so that it can cut through the noise of everything else going on in this busy environment. Our top tips for this include staying topical, following trends and relating cyber safety back to people.
Halloween is coming up. Why not create a series of ‘Trick or Treat’ cyber safety graphics asking employees if they think an email looks phishy or legitimate?
Or why not bring awareness to Cyber Security Awareness Month (we’re on the final week) by having a ‘Cyber Share’ at the beginning of every meeting throughout the month? Share a fact, something from the news, or raise a question to get a conversation going.
The craze of online shopping throughout Black Friday, Cyber Monday and the Christmas period also bring about great opportunities for communicating cyber safety awareness in fun and relevant ways for your employees.
To highlight the relevance of your messages, make sure to share the ‘what’s in it for me?’. Communicate with your people how they can benefit from listening to and incorporating the key cyber safety behaviours you’re talking about into their work and personal lives.
3. There’s no ‘i’ in team
While it’s important that your people understand their own responsibilities, you too have to follow the messages in order to set an example. Show your people what you’re doing to walk the walk. At Inside Out we like to call this ‘leading from the front’.
If you’re pushing out internal communications encouraging employees to update their system software regularly, and lock their devices when not using them, but you swipe away a software update notification, and walk away from your unlocked device to grab a coffee during a presentation to your team, then the message may not transpire.
Share the responsibility of cyber safety with your people. Live and be the message by living the behaviours that you push out.
Summary
With many employees heading back to the office, it’s important to remind our people of and reinforce a number of cyber safety messages to keep our organisations safe online.
Firstly, whatever messages you choose to prioritise, make sure to get them written up into your IT policies and share these with your people in easily accessible ways.
Secondly, keep cyber safety messaging fun and relevant by being topical, following trends and relating cyber safety back to people. With so many things coming up at this time of year, like Halloween or Black Friday, you will easily be able to find a hook.
Lastly, practice what you preach. Set an example and follow your own advice when it comes to cyber safety to drive your message home.
Let us do the work
Our cyber safety communications and behaviour change programme, CyberSafe, contains everything your people need to know to keep themselves and your organisation safe online. It follows science-backed change management and behaviour change methodologies, proven to support long-term behaviour change.
Getting your people on board and engaged with cyber safety is key to keeping your cyber security high, and your cyber security investments worthwhile. What are you waiting for?
Feeling stuck or need help bringing your communications ideas to life? Curious about what CyberSafe could do for your organisation? Send us an email hello@insideoutconsulting.co.uk or visit our website insideoutconsulting.co.uk.