Why Culture Defends Against Cyber Threats

Blog Post A Culture that Fuels Our Strategy

Think of cyber threats as a viral infection that can spread throughout your company. Consider also that you have the power to contain the infection and protect those around you from “catching it.”

The recent Wannacry ransomware attack brought attention back to the field of cyber security and cyber threats. As technology advances, an attack on a single point of entry can escalate into a system-wide issue that may paralyze a company internally as well as its stakeholders, suppliers, clients, etc.

While these attacks are as inevitable as the yearly flu, a corporate culture that fosters open and honest communication can protect you from system-wide paralysis. Ask yourself these simple questions to assess whether the risk of Cyber threats is heightened within your company:

  • Are people in the company comfortable and brave enough to declare breakdowns and unsafe behavior when using connected devices?
  • Does the chain of command in your company allow for news to spread quickly without the risk of retaliation?
  • What are the unspoken, but common, rules of operation within your company when something goes “south”? Hide or acknowledge the problem and solve it collectively?

These simple questions—that you can answer simply by walking around the company—bring forth the most likely reaction to a cyber attack. “Catching” an attack significantly limits the impact it has on the company and its stakeholders. It alerts IT early so that they can take measures to limit the spread.

The next question is how you create the corporate culture that can save you when you are attacked.

Cyber security is a company-wide concern, not an IT-department exclusive
Most of the work done is done via electronic devices. A healthy IT system ensures that the productivity of the company remains strong and that the company stays afloat. Remind everybody in the company that they are part of the IT systems and with that comes a responsibility to stay safe and acknowledge the risks. IT is no longer the prerogative of the IT department. We are all part of it.

Create an environment of trust and no retaliation
More importantly, you need to commit and follow through with assuring your employee that they are safe when acknowledging potential cyber risks. If they fear retaliation, they are most likely going to hide the issue or trying to solve it themselves out of a desire not to look bad. Trust invites honest conversation and allows for catching the risk early.

Empowered employees who have been enshrined by the responsibility they carry for cyber security and are backed by an environment of trust are your best assets against cyber security.