On Tuesday, February 11, 2020, the world will unite to celebrate Safer Internet Day (SID), an annual celebration that aims to promote the safe and positive use of digital technology.
Today in Canada, it’s rare to find an organization that isn’t carrying out some form of business online, making Safer Internet Day more relevant than ever before.
By the Numbers: Cybercrime and Data Breach Statistics
- In 2019, the odds of experiencing a data breach grew to 29.6%. [IBM Security]
- Since 2014, data breaches caused by malicious attacks increased by 21%. [IBM Security]
- Human error, including phishing attacks and stolen and infected devices, accounts for approximately 25% of data breaches. [IBM Security]
- In the past year, 28 million Canadians were affected by a data breach. [Office of the Privacy Commissioner of Canada]
- The most costly component of a data breach is lost business. [IBM Security]
With the right security measures in place, you can greatly reduce vulnerabilities, safeguard sensitive data, and help protect your organization from harmful attacks.
As we prepare to ‘come together for a better internet,’ read on to learn how you can keep your business safe online, now and for years to come.
1. Create Strong Privacy and Cyber Safety Policies
As cyberspaces evolve, so should your policies. It is critical to analyze whether your privacy and cyber policies are in compliance and truly safeguarding customer, client, and/or patient data.
Policies should cover:
- Internet use
- Software use
- Access and privacy compliance
- Effective password management
- How to detect phishing and other email scams
- Social media use
- BYOD policies
- Reporting lost or stolen devices
- Locking devices in unattended workspaces
2. Educate Your Employees on Privacy and Cyber Safety
Human error continues to be a leading vulnerability within organizations. With ongoing training, you can limit your risks and liabilities, ensuring your team understands the consequences and impacts of privacy and security threats.
Areas of focus:
- Regularly review existing policies and processes
- Inform of current threats
- Provide password security training and best practices
- Increase awareness on how to detect phishing and avoid social engineering attacks
- Teach how to mitigate threats
- Ensure awareness of privacy breach response
- Inform of the costs of a data breach
3. Build a Security Culture Within Your Organization
It’s one thing to have the policies in place, but it’s another to change behaviours. Building a strong security culture that is understood and embraced by staff can shift how your organization approaches security, privacy compliance, and Internet safety.
Ideas to implement:
- Confirm IT hygiene is maintained at all levels of your organization
- Keep software and operating systems up-to-date
- Secure wireless networks
- Be diligent about backups
- Set up two-factor authorization
- Set up firewalls and other security
- Make privacy and cyber training part of your onboarding process
- Ensure your BYOD policy is a living document that is revisited frequently
- Reward and recognize those who do the right thing for security
- Encourage staff to report incidents
It’s one thing to identify security threats and recommend mitigations, but it’s another to make sure that they are put into practice on a day-to-day basis in your business. Cenera’s privacy and information management experts are skilled in developing workable information security policies and procedures for a wide variety of organizations. For more information on how Cenera can help you defend against Internet threats, call 403.290.0466.
Never miss an update, click here to subscribe to our monthly newsletter.