Importance of Interviewing Employees
Keeping your employees engaged with your standards and practices can be a challenge. This is especially true now that the pandemic has introduced a remote working culture. The new climate makes managing your business’ cybersecurity that much harder. In the first few months of the pandemic alone, the FBI saw a 400% increase in cybercrime. This means you might need to begin interviewing employees.
Employees spend more time on social media, use unsecured personal devices, and engage in unsafe practices. This can be a clear security issue like using the same password for multiple sites… Or it can be something as innocent as using a telehealth service. In all of these areas, there is a danger of cybercrime. While you can use security management software to quantify some statistics, there is an important resource you might not be using.
Now, it’s important to interview your existing employees more than ever.
Why Should I Interview My Staff?
Part of establishing a robust security program is gathering information about where your organization currently sits with its cyber health. Without interviewing your team, this is next to impossible. We like to say that security software can only go so far, especially here.
For an example of why it is so important to make sure everyone’s on the same page, consider the summer of 2021. Colonial Pipeline was forced to pay a nearly $5 million ransom. Hackers gained control over their networks due to internal negligence. The hack could have been avoided had security teams recognized and mitigated risk. Hackers gained entry into the company’s network through an unused VPN account that remote workers used. Though the account was not in use, it could access sensitive company computers.
Prevent Phishing with One-on-One Interviews
Reviewing your employees’ online habits can be a great moment to impart more training. With the new advent of ransomware and phishing scams, cybercrime costs have passed the $1 trillion mark since 2018. One of the most common ways phishing scams begin is to reach out via VoIP and emails. These will often reference payroll, taxes, insurance, or COVID-19 relief information. In addition, they may use spoofed email addresses that resemble official email addresses used by your business.
Remind your employees that they should double-check any emails that seem important. They should also never click links in an email without being informed of the content at work. Ask if computers have been sluggish or draining battery rapidly. An increase in data usage can also indicate an attack or compromised device.
How Often Should I Interview Employees?
It’s important to maintain a common understanding of your cybersecurity situation. You should interview an employee any time they have a concern and allow them a way to voice these concerns. Being able to report attempted attacks is extremely important. This applies to cyberstalking and harassment, as these problems can quickly grow. Avoiding liability is just one reason to interview employees about their cyberhealth.
Considering how immediate threats develop, a good rule of thumb is to hold quarterly interviews. Chances are, you need to be more aware of your cyber health situation. Arruda Group can help you get your security program established and implemented. Once that happens, your interviews can target specific areas you’re concerned about. We can help you identify these potential vulnerabilities, as well. Visit our website or call us today to learn more.