https://www.forbes.com/sites/forbestechcouncil/2019/09/05/cybersecurity-regulations-10-ways-to-encourage-employee-compliance/#81189acead3d
I found this to be interesting, because one of the major hurdles that organizations face is that the employees pose a large risk to information security. If staff are not trained well, they can be the gateway to either initiating a threat or being duped into allowing an attacker inside. The struggle is often not about coming up with good policies, but is about getting employees to adopt them. This article introduces some nice ideas for how to fix that.
As I was reading through the Forbes Article titled “Cybersecurity Regulations: 10 Ways To Encourage Employee Compliance”, I found that there was a large emphasis on getting individuals in the organization to feel as though the risks of a cyber security breach also influenced them personally. I found that quite fascinating, as it takes into account the typical human psychology of “fending for yourself” and attempts to manipulate it so that employees feel obligated to follow appropriate procedures and guidelines in order to protect themselves, and in parallel the organization as well. I also found it quite entertaining how they also recommend the use of anecdotes and humor to get the significance of participating in safe IT practices across.
Hi Daniel.
I like this topic because human error is always one of the top vulnerabilities inside the company, and it is always hard to get employees really get involved in the security procedures. From reading the article, I prefer the rule number 5 “Make The Procedures Impossible To Bypass.” Even though the article did not mention a detail achievable procedure, but I think it is the most effective way get employee involve by giving no them no choice to bypass the procedure.
Hi, I agree with you. This is an interesting topic that every enterprise must concern about establishing awareness and guildance in IT security. Increasing user’s awareness is the most important key to protect risks. 10 ways which the artitle explains is reasonable, easy to follow and can apply to every organization.