Lockdown the threat: Learn how to be ‘cyber smart’

Looking back at the Cybersecurity Awareness Month of October, we have seen heightened discussions around the notion of what it means to be secure. This month poses as a reminder for organisations to continue to step up their vigilance. However, this month represents a small milestone in the ongoing efforts to encourage privacy-driven behavioural changes that many IT companies strive for. Such organisations have specific teams dedicated to the development and establishment of a security-first mindset. Not only do these organisations oversee training, knowledge and overall awareness around security, they also creatively plan initiatives and campaigns to drive these messages and practices home.

Even in a country like India, which ranks 10th in the global cybersecurity index, data breaches are widespread and cyber-security is fairly inadequate. Organisations are faced with new obstacles every day. Security teams leverage the month of October to educate their employees about possible security breaches and inform them about the correct practices for being cyber-secured through activities to help understand these practices in an interactive environment.

All-inclusive communications

It's essential to communicate regularly and transparently about security, particularly during Cybersecurity Awareness Month. These include global notification emails and contacts, private pages with educational data and introduction to relevant activities and courses, themed virtual backgrounds and more.

While these types of communications help in getting the word out, hands-on activities can also encourage behavioural change in adopting security practices. Virtual “Cyber Escape Rooms” can be arranged with exciting storylines and puzzles along with a leaderboard to create an engaging employee training experience. “Spot the Phish” programs can help employees discover what phishing schemes look like and how to avoid falling prey.

Educational panels on cyber careers and “Ask Me Anything”-style sessions also encourage learning and help build a culture of security. And, don't be afraid to gamify your training efforts. Contests like a virtual Cybersecurity Scavenger Hunt, or a “security meme” sharing contest can tie to the monthly theme and reward security learning.

Annual Efforts

A recent survey showed that 45 percent of adult Indian internet users faced identity threat in 2020, which is about 2.7 crore citizens – over 2 percent of India's entire population. If cyber threats are frequent throughout the year, comprehensive security programs must be put in place to combat them. Besides the monthly efforts, organisational security teams must initiate programs to reinforce learning. Role-based education for select operators, such as those with specific privileges, script or editing code access must be ongoing. Refreshers on security training specific to regulation and compliance obligations are also recommended. Building security knowledge content for applications by sales, customer success administration, solution architecture, and technical assistance can help transform an organisation's cybersecurity culture.

Educating employees about cybersecurity has become not just a priority but a necessity. Through committed support and training, employees can better recognise cyber threats and work towards a common goal of building a culture of security. At the end of the day, security is everyone's responsibility.

(This article has been written by Sameer Raje, General Manager & Head of India, Zoom Video Communications Inc.)