Human resilience is an important component to address for any company looking to improve their IT security. As an organisation, it shouldn’t just be down to your IT department to know best or to inform you on the basics of security in this day and age. Human resilience is achieved when you have a workplace culture where everyone understands and is aware of the very basic do’s and don’ts of cyber security and IT conduct. The idea is to change the perception of security and make it more of the following:
Approachable so employees feel they can discuss and enclose information to a senior member of staff without hesitation or fear of disciplinary action.
Accessible information should be in one centralised place where all employees can access and look over e-learning and policy material.
Collaboration between all staff and the IT department to work together on individual employee routines, that can be integrated while still adhering to company security regulations.
Human security is a topic becoming more common, especially with the rise in Phishing attacks and user awareness. The idea of a “Human Firewall” is slowly but surely beginning to resonate with organisations that there needs to be more done about the security on an internal level. While traditional security solutions are needed, they are made redundant if you do not educate your employees. 87% of IT Professionals said that careless employees represented a greater threat than cybercriminals (The impact of mobile devices on information security, Checkpoint 2017). Understanding how our employees work is vital in order to protect organisations. Additionally, with the introduction of the ominous GDPR coming into effect next May, companies agree that employees can be identified as the weakest link in an organisation, with 60% of Senior IT Executives regarding staff as the biggest threat to GDPR adherence (Blue Source GDPR Survey 2017, 200 Medium to Large UK Companies).
With the growing threat to IT security, it’s important that we look at our end users as extended security assets. The idea of human resilience is a progressive term that we’ll be seeing more of in the years to come as technology and cyber threats become more apparent, organisations will be looking towards securing the human factor as well as more obvious measures.