Let’s face it - cyber safety is stressful. The idea of an invisible criminal loitering around the internet aiming to get hold of our money, passwords, or personal data is quite frankly horrifying.
But talking about cyber threats and ways to keep ourselves and our organisations safe online is incredibly important. In other words, we have to fight, not flee.
So how can you take the stress out of cyber safety for your people this Stress Awareness Month and beyond? How can you increase their engagement and ultimately cyber awareness by removing stress out of the equation?
We’ve got three simple tips.
Focus on the positive
While sharing facts and statistics on cyber crime can be thought-provoking, most will leave your people feeling helpless and overwhelmed. Learning that the average victim of online fraud loses £6,000, or that the average cost of a ransomware attack on a business is $1.85 million, will leave them thinking ‘what can I even do about this?’ - and that’s not what you want.
Statistics are typically used in this way, attempting to scare us into doing the right thing, but why not flip this on its head, with a hidden, more positive, call to action?
For example, did you know that Multi Factor Authentication can block over 99.9% of account compromise attacks? Or that using a VPN while working remotely hides your IP address and protects your virtual location from cyber criminals?
In this instance, it’s easy to see how facts and statistics that outline the benefits of safe online behaviours, like setting up MFA or using a VPN, are much more engaging than those focusing on the cost of cyber crime, whether it’s personal, financial, or reputational.
Facts and statistics highlighting the effectiveness of safe online behaviours position your people as the active participants in the fight against cyber crime, and remove that feeling of powerlessness we mentioned earlier.
Talking about the positives of safe online behaviours not only encourages them, but also takes the stress out of knowing what the right thing to do is - because the answer is right there.
Scrap the ‘all or nothing’ approach
Mandatory cyber awareness training is one way to make sure all of your people have the same level of knowledge when it comes to cyber safety, but it’s often the last thing employees want to do. When workloads are high and project deadlines are coming up, that ‘Reminder, you have training to complete’ email can lead to stress and frustration.
What does this result in? Disengaged and unresponsive employees, and an organisation that mistakenly believes it’s doing its best to warn off cyber criminals.
So how can you present this information in a way that makes it more engaging, and takes away the stress associated with it? Well, it’s about taking some of the effort out.
Instead of having your employees complete a module in their training, drip feed this cyber safety information using visual communications in emails or on virtual noticeboards, polls on your company intranet, or announcements in your chat spaces. Whether it’s password safety tips, or a reminder to update company devices, you can deliver all of this in small, bite-sized chunks.
This drip feeding not only allows your employees to properly engage with the material, but also ensures your employees are always exposed to cyber safety as they open emails, access the CRM via the intranet, or while they’re chatting online to project colleagues. Talk about stress-free!
Create a hub of information
To eliminate stress in times of need, it's important to know where to turn to when you need information about or support with cyber safety. How can I change my password? How do I know if a Wi-Fi network is safe to connect to? How do I report a phishing email? This should all be in one, easy-to-find place.
This is why it’s important to create a designated area for all your cyber safety information, which everyone can access as and when they have a question or need advice. Whether it’s on your intranet, or a folder in a shared drive, this can be the place where all of your resources, policies, and FAQs sit side by side.
Updating and regularly signposting to this hub of information will help to reduce stress and frustration when it really counts.
Let us do the work
Our communications and behaviour change programme, CyberSafe, contains everything your people need to know to keep themselves and your organisation safe from cyber security attacks.
With our bespoke internal campaigns built specially for your business, targeting the key threats you’re facing, we can help you build your very own positive cyber security culture.
Curious about what CyberSafe could do for your organisation? Send us an email hello@insideoutconsulting.co.uk or visit our website insideoutconsulting.co.uk.
Comments