you're reading...
FEATURED ARTICLES, Industry Contributor, Op-Ed/Blog

Who’s In Charge of Keeping Your Company Secure?

Even if your company has strategies in place to handle malicious attacks on your security, you may still be at great risk for insider threats.  Why? According to a Forrester study, “insiders” were involved in 39 percent of data breaches—of that 39 percent, 27 percent came from inadvertent misuse of data by employees, making your Human Resources Manager as important to your security as your Facility Security Officer or Chief Technology Officer. Here’s why:

Employees are often reluctant to embrace what they don’t understand.  As talented as your tech team may be, when it comes to training mainstream employees they tend to use language and situations that are not always easy to comprehend and are not relevant to their day-to-day work.  Your Human Resources Manager will be able to keep the training focused on the basics such as password management, how to keep devices and laptops updated and permissions needed for data access—this makes it easy-to-understand for everyone.  “We’re teaching users that the security equivalent of simply washing your hands is simple, effective and easy to do,” says Mike Hanley of Duo Security.

Training isn’t a one-time activity.  You should create several training programs that address various security topics.  For example, spend time educating users how to spot suspicious links, how to keep their mobile devices secure and the importance of backing up data.  Your Human Resources Manager is trained on creating such programs that build-off of one another and leave employees well equipped to do their job in a secure manner.

Communication is key.  Whether there are changes in the security landscape or just basic reminders of the knowledge learned during training sessions, effectively communicating the information to employees is key.  From newsletters to mass emails, your Human Resources Manager will know the best channels to use to convey the information your tech team needs to share.  In addition, they will be able to track employee improvements—offering positive feedback to those who are finding success.

As you continue to put your internal security strategies into place, do not forget to include Security, HR, IT and Legal as they are often some of your best weapons against insider threats.

 Security First & Associates


About Security First & Associates

We not only understand Industrial Security and the Intelligence Community personnel security processing procedures, we are actual security consultants hired by Department of Defense contractors to provide guidance with IT, proposal review, facility & personnel security clearances, e-QIP, JPAS, establishing and auditing security programs nationwide. Act as the surrogate FSO or AFSO. Our team of security professionals can help to minimize risk by assisting with DSS assessment/reviews. We also offer JPAS, FSO & CSSO Training- Security is our Life!


No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: