Many data breaches are a result of human error. There are also many types of breaches. Cyber Breach Communications Handbook authors Peter Coroneos and Michael Parker state the following;
“Every Company should expect a Cyber Security Breach.”
So, how to interpret this statement in line with the issue?
IT departments are not solely responsible for the issue. HR should address the cultural issue also in line with following proper procedures with all areas of IT use.
The reality is that someone may open an email they should not have opened, possibly in unison with a lack of proper firewall protection from an IT departments fault, or even brought in a USB stick and used it in a system they should not have. Responding to this risk should be looked at as an opportunity for HR to change the attention of vulnerability sensed by employees at the front line. Desktop notices, notice boards and added emphasis at inductions are all useful tools for awareness of the security risk.
However, policies and procedures are vital in these scenarios, and awareness can be built in to these operational programs to ensure security is a constant reminder, and employees are also acknowledging receiving the most current expectations and guidelines of the company or institution.
Procedure Rock has the features which ensure policy discipline and reduces risk to the minimum. Build your Companies Server side and employee side operations and expectations into your membership, and have a constant updating function to reduce your risk and guide your staff efficiently and accordingly.