An effective and sustainable security culture is about people and less about “big brother.” Think back to the last data breach you read; It probably wasn’t that long ago and likely had something to do with the loss of someone’s data or revenue. Data loss can even affect public safety and impact lives. We don’t often read about technology releasing data by itself. Fact is, it’s people that leverage technology to commit crimes using our data.
The Oildex commitment to protecting your data is our number one priority. We know this is not only driven and solved with technology but first by the actual people who serve our customers. Most of us know by now that employee threats are by far the biggest threats to any company. Cybercriminals feed off of people’s vulnerability to unknowingly give credentials, install malware or help them gain access to a network. Crowd Research Partners recently released their annual Insider Threat Report, the most comprehensive survey on the topic of insider threats. The report survey finds that 90% of organizations felt susceptible to insider attacks. We can always do better. It’s easy to forget what one innocent mistake, disgruntled employee or someone assigned too much access can cause:
- Business Interruption
- Customer / Public relations Problems
- Data Loss
- Expenditures Fixing the Problem
- Legal / Compliance Issues
- Reputation Impact
Our way of working has changed, and our mindset must continue to evolve, educate and innovate in the way we protect ourselves. To help fight the “Goliath” cyber battle, we set up an internal “Security Ambassadors” program. The goal of this all-volunteer program is to embed security into every business unit — to boldly build it in, reduce risk and foster an overall sense of trust. This trust ultimately creates a balance “sweet spot” between a needed level of security and maintaining productivity. Our customers then benefit across the board.
We also want to change our culture and mindset around security to make it more accessible and approachable. We’re doing this by empowering, training and continuously educating people across the organization with general security knowledge and the “why” behind it all. These passionate folks are advocates and dispel the black helicopter and big brother stigma often attached to the topic security in a collaborative fashion.
Next time you read about a data breach or hack, take a moment and think about how it could have been prevented by people. Are you doing your part? We have a shared responsibility, and every bit of it helps us solve for the future together.