5 best practices CIOs and CSOs need to implement
Best practices to improve cyber security among users are:
- Create awareness programs. Awareness efforts should combine education, communications, cheerleading, entertainment, and incentives.
- Provide organizational and cultural leadership. Senior and Executive management must make cybersecurity awareness and good online behavior part of the corporate culture.
- Notify end users of policy violations. Rather than blindly enforcing policies, companies should use electronic notifications to educate employees as to why their actions were blocked.
- Implement proactive spear phishing. Sending bogus but authentic-looking emails to internal employees to see if they actively click on links, install software, or open attachments. Then sending the employee a notification of what just happened and reminding them about best practices.
- Provide meaningful communications. The security team should keep everyone up to date on what and how they are doing.