Security Awareness

October 2009 marked the Department of Homeland Security’s sixth annual Cyber Security Awareness Month. The theme for the year was Our Shared Responsibility. This was chosen to remind Americans that the duty to act responsibly online falls on each of us, in government, in the workplace, and at home.

As a small business, it will be important for you and your employees to remember why cyber security is a priority. What are your critical assets? Are they internal processes, information, client databases…more importantly, your reputation? Whatever your business prides itself on; chances are those assets could be critically damaged in a cyber attack. If this were to happen today what would be your first step?

The best way to approach cyber security is to simply first accept that there is a problem (remind of any 12-step processes?). The time to understand the depth of cyber security and plan for how to deal with attacks or compromises is NOT just after your first attack. Second, communicate. Talk to your employees about safe usage of the Internet and your system. You can never communicate too much. Many of the employees of the companies listed here have served in the military – they all need to go through an annual refresher on IT security, both from a theory and a practice perspective. You should do the same. Take the proper time to understand the current threats facing your business. Develop a business plan that dedicates the necessary resources to cyber security in order to effectively secure the assets of your unique business. And praise employees to bring up new threats or identify vulnerabilities in your current system.