Haiko Fauth | August 02, 2018

How to prevent privacy disasters

As seen on CIO...

As "state of the art" your security tools may be: If employees and leaders are unaware of IT threats and responsibilities, your business is at risk. How to steer against.

With a good regularity, the headlines of the day remind us that the issue of security awareness in companies is still a highly urgent one. Recently, for example, the US electric car pioneer Tesla and smartphone giant Apple gotinto the crosshairs of innentaters, who are said to have stolen some secret information. On the one hand, this shows that even the big players of the tech industry are not immune to becoming victims of unintentional data outflows. On the other hand, how diverse the threats are that companies in all industries must now fight off.

A recent study by Wombat Security on the subject of awareness shows that the security shoe is pushing in very different places in different sectors. Obviously, there are knowledge gaps in the telecommunications industry (14 percent of questions answered incorrectly) when it comes to avoiding ransomware attacks, whereas in the defense industry there are gaps in terms of secure passwords (21 percent). Retailing employees, on the other hand, find it hard to spot phishing threats (26 percent), while manufacturing workers (24 percent) face problems with the secure use of social media channels.

These figures show that the level of security awareness has risen over the last few years - but there is still plenty of room for improvement. In order to increase the chances of success of their security awareness measures, companies should consider some general points in their conception:

Create awareness - with the right partner

In particular, many small and medium-sized enterprises are confronted with problems at this point: IT security specialists are still in short supply and the EU data protection regulation has since 25 May 2018 ensured that the topic of data protection training takes on a completely new dimension ( see Article 39 GDPR ). Accountability in this regard forces companies to work more with training than ever before.

So what can you do to ensure the holistic, high-quality and sustainable awareness of your employees across all disciplines - without having to beat them economically? Quite simply: you need the right partner. This should not only have experience in the IT industry, but also the necessary level of security expertise. The system house Bechtle, for example, can come up with both: With their "E-sensecurity" awareness program, the specialists offer a "code of conduct for information security in the company".

This is subdivided into different modules: The basics of IT security can thus be communicated to all employees, while managers and IT professionals can benefit from special specialization modules. Training is taught electronically by experienced consultants, subject matter experts, lawyers and auditors. The content can be retrieved at any time via tablet, smartphone or PC - all you need is an Internet connection and a browser. The advantages of Bechtle's E-Sensecurity at a glance:

  • available everywhere

  • Specialists impart knowledge

  • You decide what to train and when

  • Proof of learning content and participants

  • Users determine the pace of learning

  • Basic modules and special webinars for executives and IT specialists

  • didactically structured modules guarantee a high level of learning success

  • Time and cost efficiency

Do not waste time and make sure today that you will be spared phishing attacks, ransomware epidemics and DSGVO-driven fines. Talk to Bechtle!

Read this article on CIO