Cybersecurity 
St. Anna Children’s Cancer Research Institute (CCRI), located in Vienna, Austria, is one of Europe’s leading centres for paediatric cancer research. Operating in the healthcare industry
Security managers clearly understand the consequences of poor information security practices, but they often find it difficult to change employee behavior. Employees typically see security as a nuisance and as a result take the path of least resistance.
Making security a top of mind issue for employees involves a combination of education and behavior modeling. Here are some approaches you can use to raise awareness.
- The media reports on major breaches almost daily. Make sure your employees see these reports and understand the consequences of poor security practices. Publish a regular email newsletter listing the most recent incidents and include advice on good security practices.
- Communicate the importance of security in as many vehicles and as many times as possible. Send a quarterly reminder under the name of your CEO or CIO. Post best practices and lists of the worst passwords in common areas like coffee stations and near restrooms.
- Top executives set the standards for their organizations, so make sure they are on board with your security awareness initiatives. Annual reports and meetings on the health of the business should include updates on the company’s security progress. Ask top executives to kick off your security seminars.
- You should consider rewarding employees who attend security training, change passwords when requested, and share news and advice on your intranet. Financial rewards are not necessary; a simple certificate or newsletter recognition is enough.
