Employees and Cyber-Security:Thinking like Hackers
This year, 2017, hasn’t been the best for companies all around the world when it comes to the matter of cyber-security. Given the fact that so many attacks have occurred, many organisations have started to shift their attention towards preparing their employees for a safer workplace environment through better cyber-security programmes. This will, of course, go beyond basic training exercises on protocols and changing passwords. These types of programmes have been rendered obsolete. In order to train your employees against organised hacker attacks, they will have to learn to think just like one.
At first, it is important to understand what a ‘hacker’ means and what he or she does. The first step is to erase everything you ever heard or read about hackers. The media does have a tendency to exaggerate the term and to point fingers towards cyber attackers even when it is not the case. The view on this matter should be broadened.
It has to be said that in the digital era, hackers represent model citizens. They are professional people who are very creative and resourceful. Curiosity is their main drive and due to this quality, they see opportunity in every problem. Furthermore, given the nature of their interest, hackers realise there are few limits to technology and usually display a bit of mistrust in operating systems and know that no piece of software is immune to bugs.
Understanding all of this about hackers is essential. Numerous organisations worldwide have already introduced their employees to the ‘hacker mindset’. Early results have shown a drastic change in perception and value regarding cyber-security, this automatically leads to a better security across all departments. And as an added bonus, curiosity and resourcefulness will become second nature to the employees. There are a few easy steps to which you can start teaching your staff to ‘think’ like hackers.
When something major happens in your company’s industry, it is recommended to encourage your employees to share their findings with the others. This doesn’t mean that everyone has to prepare a full 5-page report, just a few ideas that are worth mentioning. The idea behind this is to create a workplace where sharing information and thoughts are second nature.
Hackers obviously know what valuable data they are looking for and how to find it, usually searching for something valuable enough they can sell or blackmail the organisation for a large sum of money. This is important to understand when protecting your most prized possessions.
When your employees learn to share and work together to such an extent, it will help build an actual community within the organisation. It will also help create a sense of purpose around the company. Employees will become more and more vigilant of what is happening and will be more alert in detecting and responding to cyber-threats.
IT Competitions and Hackathons
Encourage employees and even offer them leave days in order to attend hackathons, even if they go to learn and observe. Events like these offer people the chance to disconnect from their day-to-day routine and think outside-the-box in order to solve various issues, which basically describes the process of hacking. The general idea of hackathons is to enable people to flex their brain muscles into thinking in new and creative ways in order to solve problems. Through these exercises, teams manage to avoid one-dimensional group thinking and tunnel vision. Due to the complexity of the exercises, it makes participants and viewers alike more curious of the things happening around them, which is at the heart of a proper cyber activity.
If you wish for your employees to have a more hands-on cyber-security experience, you could arrange for company-wide competitions and games that will enable employees to figure out how cybercrime happens and the means to minimise or stop it. You could also use this opportunity as a means of developing a plan of action which allows security teams to respond as soon as possible. You can plan ahead of time and approve the necessary actions the company must take when malicious activity is detected.
Introduce the idea of interdepartmental collaboration in the company’s bylaws. This will enable people from all areas to communicate more and offer support when difficult challenges arise.
Even if your organisation has the best security team there is on the market, we all know that humans are bound to make mistakes, it is in our nature. When the same people are looking at the same lines of code all day every day, it’s only a matter of time before something important gets passed them. The most security-conscious companies tend to invite security experts from outside the firm in order to help identify any mishaps the security system may have.
Given the current and future climate of business it is quintessential we learn to think like hackers. If we manage to adopt a ‘hacker mindset’, you will not feel left behind by all the technological advancements. By embracing them and recognising their power and ability to make the world a better and safer place will not be good only for security but for the business industry as well.
Great People Inside provides easy-to-use tools and processes to attract, assess, match, select, onboard, manage, develop, benchmark and maintain workforces anywhere in the world.
Finding the right talent, the best fit for the job and your organisation can be a very challenging task. It requires deep knowledge of your own organisation’s culture and a keen understanding of the candidate’s personality, strengths, interests, work style and other characteristics. Our technology and solutions will do the work for you, helping you find employees who can flourish and reach the highest performance required to constantly bring your company forward.
Request a free demo: