Last year was like no other, and it pushed businesses to change the way they view their operations. As many employees shifted to full- or part-time work-from-home arrangements, companies were forced to rethink how to communicate, share data, and safeguard confidential information. At the same time, the pandemic led to a spike in cybercrime
, with nefarious characters taking advantage of new work situations, distracted employees, and less-than-optimal security measures.
According to Shred-it’s 2020 Data Protection Report
, the number of data breaches was already on the rise prior to the start of the pandemic. More than four out of ten (43%) C-suite leaders indicated their companies had experienced a breach, and 65% expect to experience one in the next five years.
Not only have the chances of experiencing a data breach gone up compared to 2019, but the financial impact of these events has also increased, with the average cost growing from $3.54 million in 2006 to $8.64 million in 2020
. Business leaders are concerned about the mounting financial risk: 89% of C-suite executives
and 49% of small business owners anticipate significant financial impacts should a breach occur. Moreover, 48% of C-suite leaders and 32% of small business owners felt that a data breach would harm their company’s credibility and reputation.
Training Improvements Should Be the Number One Priority
In the new year, companies need to focus on information security training, making sure their policies are up-to-date and staff are fully aware of how to comply with them. According to the Ponemon Institute
, employee training is a significant mitigating factor in reducing the total cost of data breaches. Unfortunately, more than half (54%)
of small businesses and nearly a quarter (24%) of larger ones do not offer regular training on information security procedures and policies.
So how can businesses better educate their staff and keep the topic fresh for 2021? Here are five strategies to consider:
- Commit to multiple learning opportunities. Data security training should occur more than just once a year and involve diverse formats, such as online training, examples discussed at staff meetings, and random security checks and walk-throughs. Key topics to address include how to safely dispose of confidential papers and what to do with end-of-life electronic equipment that houses sensitive information. This is especially important if employees frequently work from home. Nearly 9 out of 10 (86%) C-suite executives and 65% of small business owners believe the risk of data breaches is higher when their employees work offsite. Having clear disposal policies and regular training can help staff understand how to safeguard data even when they are outside the office.
- Keep best practices in sight. Visual cues can nudge employees toward good habits. Posters in high traffic areas that illustrate Clean Desk Policies and Shred-it All Policies are a cost-effective way to cue employees to proper procedures. Other strategies may involve sending periodic reminders via email or text or making data security policies accessible on your company’s intranet.
- Frequently communicate about the topic. Talking about data security can keep staff focused on the issue. Consider starting meetings with a “data safety moment,” where managers and employees discuss data protection. This may entail sharing best practices, asking questions, walking through examples, or offering reminders.
- Start training at onboarding. Employees should receive comprehensive data security training whenever they begin a new role, whether they have just joined the company or switched to a new position. Using a checklist can ensure you address critical topics.
- Consult data security “champions.” These individuals should be passionate about information security and willing to assist other employees with any challenges. This type of resource should be available to office-based and work-from-home employees to address any issues that arise as staff move to different work settings.
for more information about how Shred-it can help you keep your information secure
for the new year.