Snap Decisions Can Have Severe Consequences
The webinar demonstrated how easy it is to make mistakes with significant repercussions. One of the speakers, Gareth Thomas, Security & Awareness Manager at Lloyds Banking Group, gave a live social engineering example, effortlessly obtaining a birth date from one of our other webinar contributors! This simple example highlighted humans’ susceptibility to make snap decisions when stressed, tired, or distracted, compromising security. Ensuring employees have the time and mental space to make informed decisions is crucial to mitigate this risk.
The Personal Impact of Cyber Security Breaches
Speaker Lindsay Kohler, Lead Behavioural Scientist at Scarlett Abbott covered the profound impact cyber security breaches have on individuals. Being tricked into sharing sensitive data or transferring money can take an emotional toll, with feelings of guilt, shame, and loss of trust being common. Protecting and supporting these individuals is important, fostering a culture of learning and improvement rather than fear.
Cyber Security Parallels with Health & Safety and Diversity & Inclusion
Our speaker, Simon Richardson, Founder at ITogether made a striking parallel between cybersecurity and other critical organisational issues like health & safety and diversity & inclusion. Compliance with rules alone is not enough to foster the right behaviours. Instead, organisations should aim for commitment, where employees take the right actions because they believe in their importance. Cybersecurity today is akin to health & safety in the 1970s. There is still much work to be done to instil the same level of understanding, belief, and commitment.
Empowering Employees as Part of the Solution
It is encouraging to see organisations recognising their people as integral to the solution rather than just a risk. Gareth gave examples of empathetic and innovative training methods employed by Lloyds Banking Group to can cut through fear and jargon, driving the right behaviours. Collaborative approaches can embed cyber secure practices into everyday work, making security a natural part of the workflow.
The Debate on Phishing Tests
The discussion on phishing tests was particularly lively. Opinions were split; some see them as essential, while others find them problematic. Phishing tests are useful indicators of awareness. If employees are clicking on suspicious links, it suggests gaps in basic cyber security practices. However, they should be one of many tools used to gauge and improve a cyber secure culture. A comprehensive engagement plan touching on various aspects of cyber security is essential.
Looking Forward
Overall, the webinar underlined the need for a holistic approach to cybersecurity, with human behaviour as a central focus.
For more insights on employee engagement please get in touch
Call us on 0113 341 0123
0 Comments