Staff culture crucial to cybersecurity measures
Firms are putting their data at risk by failing to train staff on crucial cybersecurity systems and processes.
Fraser Jack, founder of The Cyber Collective, said it was crucial that firms not only put the relevant security but that they taught their staff to use it as research by CoreData had found only four in 10 firms were training their staff.
Jack said: “It’s one thing to have a policy in place then you need to put it into reality, that’s the process, and then you need to ensure your staff understand it.
“There is a big risk in not training your staff on phishing and vulnerabilities. To be cyber secure, staff need to understand how to protect their data. That’s not just once a year, that should be ongoing training, it’s about being aware.”
He recommended breaking up the information into bitesize chunks which could be covered on a regular basis including working from home security, email vulnerability, using public Wi-Fi, phising, two-factor authentication and the firm’s specific systems and processes.
It was also important to have a designated member of staff, separate to the IT team, who could ensure this was enacted and answer questions from staff.
“You need one person in the business who can champion this and help other staff out. It’s about knowing where they are going wrong and how they can fix it, someone needs to take that leadership charge because IT will set up the technology but then it is up to humans to ensure it is followed.”
Jack recently spoke at the FPA Professional Congress in Sydney and said many people came up to him after the session to share their experiences.
“There were some emotional responses to the session, people felt triggered to share that it had happened to them. Until then, they had felt silly or unable to share and had only told the relevant parties.
“The session made people realise that it could have been them, it could only take one colleague clicking on an email for a breach to occur.”
AUTHOR
Laura Dew
Recommended for you
The role of alternative investments is to diversify a portfolio and capture differentiated sources of return, according to UBS Asset Management.
Private investment opportunities are moving up on the list of what investors want from their financial advisers, according to Natixis IM, and over half of firms say they are offering them more strategies.
Two asset managers have each expanded their product suite with the launch of new global equity funds for Australian investors.
Perpetual has confirmed it is in exclusive talks with global investment company KKR regarding an acquisition of its corporate trust and wealth management businesses.
Add new comment