Designing Successful Cybersecurity Initiatives and Overcoming Internal Resistance
The slew of high-profile hacks that the world has witnessed in 2017 and 2018 have made one fact abundantly clear to all businesses – ensuring data security is not only vital for their brand but critical to their very survival.
Yet, a strong will or motivation to implement higher cybersecurity standards at the workplace does not guarantee a smooth organization-wide initiative. Internal resistance to change is normal. What exacerbates the situation is when IT departments design cybersecurity policies and procedures for employees in other departments without a clear understanding of their daily work. Such initiatives often go sideways despite good intentions. Here are some ways organizations can implement robust cybersecurity policies and procedures that their employees may actually follow.
Pitch Employee-Managed Initiative
IT heads cannot force the workforce to change their habits. They can only inspire them. One way of doing it would be to involve them in the process of formulating the cybersecurity policies. Present the entire workforce with the cybersecurity challenges that each department is facing and encourage them to suggest solutions to tackle them.
When the IT department incorporates the effective solutions suggested by the employees, the employees feel the ownership in the initiative and being an active participant in it. The ownership of an initiative goes a long way in implementing changes in an organization.
Take Steps to Make Them Understand
The rise in the number and intensity of high-profile hacks has created a growing awareness of cyberthreats among all internet users. However, they also create a misconception that only large corporations fall victims to hacking and that small and medium scale enterprises face no such threats. IT heads of SMEs should attempt to explain the cybersecurity situation to the workforce with facts, statistics, and even news reports of how hackers are increasingly targeting SMEs.
They should help the employees understand that a robust cybersecurity strategy is meant to make them unattractive for the hackers to target.
Create Demos
Penetration testing, white hat hacking, and hacking demonstrations are increasingly being leveraged by businesses to not only find vulnerabilities in their cybersecurity posture but also impress upon the different stakeholders the importance of a robust cybersecurity strategy. By exposing the employees to such demonstrations, IT heads can make a lasting impression on the minds of the workforce as to how important it is for them to follow the new cybersecurity protocols.
There are several businesses that provide these white hat hacking demonstrations as a service.
Create Positive Reinforcement
Employees feel good when they feel part of something important. For the success of a disruptive initiative like this one, the security protocols must be simple for them to follow and clearly convey how that simple step makes them and the organization more secure. When their actions make sense to them, they will feel more assured and invested in taking them.