- Share Cybersecurity Responsibilities within your Network
Everyone from Break Room to Board Room plays a role in Cybersecurity
November 08, 2016
By: GWB IT
All too often, cybersecurity is viewed as an IT problem; however, the most effective cybersecurity programs rely on much more than technical solutions to protect an organization’s information. In today’s environment, cybersecurity is truly a shared responsibility, across all people, processes and technology controls.
Everyone in your organization, from the break room to the board room, has a critical role to play. The Board of Directors is responsible for establishing overall policy and strategic direction regarding cybersecurity risk management. Senior management can execute cybersecurity strategies including:
- Implementing appropriate controls
- Assigning necessary resources
- Effectively communicating requirements to all employees
Employees are responsible for adhering to established policies/procedures and remaining diligent to potential cybersecurity threats.
Promote Cybersecurity Awareness to educate employees on relevant cyber risks. Cybercriminals often prey on human error, such as the desire to click on an interesting phishing email or use of a weak password. Simple actions that every employee can take to prevent a threat actor from being successful include:
Use complex passwords
Never use personal information or single dictionary words followed by a number or special character. The best passwords tend to be longer passphrases that include something meaningful to you and include a combination of upper/lower case letters, special characters, and numbers. For example, if you are a basketball fan something like N@ismith1891B@$ketb@ll is much more secure than Fido123.
Use unique passwords
Don’t use the same password twice, especially for online accounts. This will protect you if your password is breached, and limit the potential damage that a fraudster can cause.
Beware of phishing emails
Be skeptical of all emails, especially unsolicited emails that originate from outside your network and include web links or document attachments. If the sender is someone you do not know, the probability is high that the email could be a phishing attempt. The IT security team at Great Western Bank has taken several actions to assist our employees with potential phishing emails.
- Emails received from a sender outside of GWB are labeled as External email.
- External emails include one-click option to report email as spam
- A “Report Phish” button is embedded in our email app and used to report unsolicited emails
Report suspicious activity
If you notice something unusual with your computer or an application that you are working with, immediately report the action to appropriate parties.
As you can see, everyone at your organization plays an important role in maintaining a strong cybersecurity risk posture. Cybersecurity is not simply an IT problem. It is clearly a shared responsibility.
Nine Steps to Protect Your Identity
While data breaches are not 100% preventable (nobody can prevent all fraud or Identity Theft), we at Great Western Bank are often asked what you as a customer can do to reduce the risk of Identity Theft. The following tips are suggested.