October is Cybersecurity Awareness month, and what better way to greet it than Facebook’s announcement on September 28 that its computer network was hacked, exposing the personal information of nearly 50 million people. At the risk of writing about Facebook too much, it’s worth reflecting on this breach because it’s a reminder that even (or maybe especially) the largest and most powerful companies are susceptible to breaches. No matter who you are or what size your company is, focusing on the security of your data is crucial.
Over the last few months, we’ve developed new Grovo Microlearning® content on data privacy and information security. We’re taking a modern approach to cybersecurity training, so that every organization and employee can understand the risks they face in keeping their data secure, and take the necessary steps to mitigate those threats. In the spirit of Cybersecurity Awareness month, here’s a recap of our recent releases:
In 2018, the security awareness training company MediaPro released its Eye on Privacy Report, in which employees were surveyed about data privacy best practices. When asked to rate the sensitivity of different types of information on a scale of zero to five (with five being most sensitive), only 53 percent of respondents rated medical records a five — a surprisingly low number given that healthcare data is often heavily protected under the law. As MediaPro founder Steve Conrad put it, “Companies could be doing a better job educating their employees” about the different types of private information.
Our new Data Privacy content will help employees gain a fuller understanding of the different types of private information that their companies manage. It will also teach employees best practices for responsibly collecting and using that data.
According to a 2014 IBM report, over 95% of security incidents involve human error as a contributing factor. Organizations do what they can to protect their information and thwart cyber crime, investing a lot of money in cybersecurity. But one of data security’s biggest threats is human behavior. Our new Information Security content seeks to minimize human error by empowering learners with straightforward, common-sense ways to protect their data from unauthorized access and use.
This content teaches employees about basic best practices for minimizing data security threats. It also helps learners identify phishing attempts, which are the most common form of cyber attack.
The E.U.’s General Data Protection Regulation, or GDPR, went into effect back in May, but it’s worth revisiting what the new regulation means for your company. Many companies don’t understand the geographical scope of the GDPR, specifically that it could apply to any company anywhere that processes the personal data of citizens of the European Union.
Our GDPR content is geared toward helping everyone understand some of the provisions of the GDPR, including relevant definitions, potential applications, and penalties, that will help organizations understand their required level of compliance.
Don’t Wait to Take Security Seriously
The risks of cybersecurity threats are real and can impact every company, big or small. Don’t wait till after you’ve been affected to take it seriously. Start training your people on the best ways to keep your company’s information safe with one of our lessons, Minimize Data Security Risks.