The words have a futuristic sense to them but the issues are real and alive today. In our data storing and gigabyte gobbling world what does it mean to us and what should we do?
I reckon I am pretty PC literate, know my way around a keyboard and can hold my own on social media but the dark world of cyber activity, hacking and malware is another dimension. Is that important? I attended a seminar on Cyber Security – risk and responses organised by UEL which covered the topic from a variety of perspectives. My lasting observations from the seminar are that this represents a real and present danger to all of us from a “user and store” of data perspective and from that as an individual member of any community and life.
The People Impact
The real problem is not the wonderful world wide web, it comes down to people. The weakest and strongest link in any cyber security process or protocol is people. People make mistakes either intentionally (malicious intent) or unintentionally through either ignorance, lack of personal competence or genuine mistake. So, your policies, procedures and practices in relation to people may be the best form of defence and risk management.
There are proactive ways in which you can take steps to protect your business from cyber activity:
- Contractual terms – ensure that your contracts of employment have express terms that influence employees’ behaviour during and post-employment especially in relation to the management of confidential information, security and access requirements, and notice period provisions.
- Policies and procedures define the boundaries and the “rules of engagement”. Cyber security measures would have relevance in many of these not least the following policies Use of Mobile Device, Social Media, IT and internet use and express terms in the Disciplinary Policy.
- Training everyone to understand the obligations we have in relation to data protection, the ways in which systems can be breached and the warning signs of potential risks. It is important that everyone knows and understands the company’s strategy on IT protections, how this can affect them daily and what protocols need to be followed. This should be a companywide initiative sponsored by a key influential figure to embed the training, change behaviours and culture.
These measures may mitigate against any possible breaches or attacks and they will put in place the bricks and mortar for any necessary reactive measures, including disciplinary action. It may be a possible new world but the remedy is as old as the hills. It will come down to policy and process, investigating to find evidence (which may require specialist skills) and taking reasonable action which are proportionate to the circumstances. The threat may come from a new world, the implications and possible outcomes could be devastating for businesses as we all rely on internet access, data storage and systems to function daily. The remedies are in the HR toolkit, however you may need to sharpen your tools to manage these ever-evolving challenges.
Gravitate HR can help draft and develop your HR documentation to cover these scenarios and ensure your business is protected whilst giving you peace of mind. Give us a call on 0131 225 7458 to find out more.
Image Courtesy of typograpghyimages