What PR pros need to know about preventing human-error cybersecurity breaches
By Bre ChamleyMay 15, 2022
You are human, and you make mistakes. As public relations, communications, and marketing employees, you constantly use a computer to do your job. You go through emails, write material, make content, and communicate with clients, coworkers, and media on a daily basis.
Consistently using your computer for your work only increases your chances of falling victim to a cyberattack. According to PurpleSec cybersecurity statistics, around 52% of data security breaches are caused by human error or system failure. Therefore, you must be as cautious as possible and actively on guard.
Audio: Listen to this article.
We are a trusted public relations advisor to cybersecurity companies and organizations seeking helpful expert guidance on corporate communication before, during, and after a cyber attack. To help you prevent as many human errors as possible, follow our tips for securing your digital footprint.
Determine if you’ve had a data breach.
The first step is to see if you’ve actually had a data breach. You need to know this before you take any more precautions to secure your data. If you are subject to a data breach, then you need to change the passwords for any compromised accounts immediately.
Use secure passwords.
To secure your passwords, you must create ones that are strong and unique. You can do so by coming up with passwords that are around 12 to 15 characters long with at least one uppercase letter. A good way to accomplish this is to use a random phrase that's memorable to you (e.g., HappyFeet or PuppyChow). Then, you can substitute parts of those phrases with other characters, such as replacing the E’s in HappyFeet with 3s. You can also add other characters to the end of the phrase, such as percent or dollar signs. Also, never use the same passwords for different sites or programs, and never share them via email.
Use a password manager.
Once you have secure passwords, you need to make sure to remember them all. You can do that by using a secure password manager. A password manager is a tool that helps individuals and businesses securely store and manage their login credentials. It’s also used to generate secure passwords, as well.
Use multi-factor authentication.
Another way to help secure your information is to use multi-factor authentication. This just makes sure you are the person who’s supposed to have access to an account. It often requires a code sent to your email or phone number, or sometimes even Face ID.
Download a VPN.
You can also download a VPN to encrypt your internet traffic so your information can’t be intercepted. It is necessary to use this VPN when doing work remotely from public Wi-Fi.
Set up firewall security for your internet.
To protect yourself while working from home or somewhere with your own private network, you should use a firewall. A firewall is a set of related programs that prevent outsiders from accessing data from your private network. In essence, it's like a more secure VPN for your personal Wi-Fi network.
Make backup copies.
Make sure to regularly back up important data on your computer. This includes databases, financial statements, Word documents, spreadsheets, important files, and receivable or payable information. In case of a cyberattack, you will still have the backups of that important information available so it’s not completely lost. You should back up this data at least weekly, but preferably this sort of backup should occur automatically. Then, store this backup information either in the cloud or off-site.
Limit employee access to information.
Another way to keep information safe is to simply limit the people who can access it. The fewer people to access it, the less likely there will be a human error that leads to a cyberattack. If a cyberattack were to occur, this process would limit the information available to the hacker because each employee only has so much information on their device.
Train employees.
Lastly, you need to train your employees. Without training, all the other cyber-practices won’t get you far. The other practices help prevent or limit errors employees make. However, you need to stop the issue from where it stems: human error. To do so, establish basic security practices and policies for employees, such as those listed above, and establish appropriate guidelines that detail penalties for violating company cybersecurity policies. You also need to have a set of rules that describes the actions employees must take to protect customer information and other important data.
To train your employees, you can have them attend SBA training sessions, virtual or in-person cybersecurity events by National Cybersecurity Alliance, or Hubspot webinars on cybersecurity.
It’s crucial for employees to be trained about cybersecurity and for them to employ these practices in their everyday work. These trainings and cyber-practices will ultimately help your company reach military-grade cyberattack prevention.
If you're currently experiencing a cybersecurity incident, book a crisis cybersecurity consultation. Not under duress and looking for help communicating about cybersecurity before a cyber attack? We can help you. Book a free cybersecurity consultation.
Photo by Dan Nelson from Pexels
Topics: cybersecurity
Comment on This Article