Getting Ready for a New Year (part 3)
Security isn’t often at the forefront of the minds of most employees. Perhaps you have prepared for the year by working with your high risk groups about the scams of today. You have provided a Technology Safety Success Guide to the rest of the organization. Now, it’s time to focus on how to monitor cyber-success throughout the year.
As before, focus on high-risk groups first. Designate someone from the tech or tech-security team to:
- Check in every month about any suspicious communication. (They should be reporting phishing attempts regularly.)
- Solicit feedback on whether security controls (such as encrypted email) are understandable and feasible.
Simply by checking in, awareness is directed to the importance of policies and procedures around handling sensitive information and financial transactions. Remember, security controls must be seamless and easy to use; otherwise, they may be ignored or circumvented.
Next, establish regular cyber awareness updates for teachers and staff. This could be through an existing bi-weekly or monthly staff newsletter with a technology corner. Deliver relevant tips on identity theft prevention, email phishing scams, common social media pitfalls, etc.
Again, by regularly addressing these topics, their importance is emphasized.
Staying on top of security news
As the year progresses, keep track of trending cyber incidents. Use them to adjust your plans over the summer to prepare for the next year. For example, there will likely be a spike in W-2 fraud in January. Place a warning in your newsletter (or other channel) ahead of the new year reminding employees of these scams.
Below are some sites that monitor data breaches:
The best way to bolster cyber security is to keep it a current issue. Individual outreach to the most vulnerable groups and regular reminders to the entire organization help make security a priority.