• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

How to talk about security so employees will listen

September 23, 2014 by Secure360 and UMSA

Risk_11583005_lWorkplace security: yawn. Yes, it’s not the most interesting topic and many employees will feel like you are beating a dead horse, but it is absolutely vital in our risky digital world. So, how do you keep your employee’s eyes from glazing over? Follow these three tips and tricks for keeping security issues interesting and meaningful to employees who might not give security much thought.

 1) Engage your employees

Security should no longer rest with just the IT or IS departments. In fact, you could be causing more harm if it does. Every employee is responsible and, more importantly, capable of preventing security breaches. So, why not have your cybersecurity policy start with them? However, instead of sending the annual or semi-annual technology and security memo out cold, try to present it in an impactful way.

Take a page from MADD/SADD and actually show how serious any breach can be not only to the company but also employees. If that’s too dramatic, make a game out of it at your next department meeting. Regardless, however you present the information, just make sure every employee is engaged and clearly understands the risks. And, if a breach does happen, make sure others are made aware, so they’ll know how to prevent a similar attack.

 2) Have an open door security policy

In most cases, the obligatory 90-day password change is not enough in today’s shifting cybersecurity world. Just as hackers are evolving and becoming more sophisticated, so should your technology and security policy. You need to constantly review these policies, to ensure they are up-to-date in order to prevent attacks. No matter if an employee is a custodian, administrator, manager, or C suite executive, they should all have a say in security, after all, two heads are better than one. Create a technology and security team, with representatives from every department. Not only will you be provided with fresh perspectives, but you may discover possible new weaknesses previously disregarded.

3) Speak in terms they’ll understand

Another way to pique your employee’s interest is to speak in terms they’ll understand. Don’t assume everyone knows what malware, Trojans or worms are, or what types of links/sources are okay to access. Create a document for both desktop and mobile devices explaining what is an acceptable and unacceptable use of company technology. Be sure to speak in both technical and plain terms, for everyone’s comprehension. Additionally, offer ongoing technology training to employees, so at the very least, they’ll have a basic understanding of cybersecurity and how to help prevent an attack.

While talking to your employees about security may not be the most interesting subject, it is a necessary ongoing conversation. It doesn’t mean it has to be boring. In fact, if you present your technology and security policies in an interesting and meaningful way, it could help retention and boost engagement among your employees. No matter how you present the information, just make sure everyone is clear on what the risks are and how to help prevent an attack.

How do you engage your employees in technology and security conversations?

Filed Under: Business Continuity Management, Cybersecurity, Professional Development, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 2 days ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 4 days ago

  3. Secure360 Conference
    Secure360 Conference: Fascinating stuff about the shift from brick & mortar to e-commerce, from Diamond Sponsor @cisco! https://t.co/4GaYGQKZ1a
    about 6 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.