Develop Security Awareness and Vigilance
1. Leverage basic cyber security training – Ensure your staff understands what types of cyber threats to be alert for and why this knowledge and awareness will help protect themselves and the organization.
2. Foster a workplace culture of awareness to encourage employees to make good choices online.
Identify the behavior you want to change and develop a cybersecurity strategy that targets cyber expectations.
Define what success looks like through guidelines and policies.
Continually reinforce cybersecurity hygiene as you would other workplace hygiene (e.g. hand washing, professionalism, etc.).
Create incentive structures that promote the formation of good habits (e.g. recognition for good behavior, loss of privileges for persistent reckless behavior).
Don’t forget to make it fun in the process!
For more resources on security awareness training visit https://www.cisa.gov/