Protecting Your Business Starts with Your People

In last week’s article for Cyber Security Awareness Month we discussed the foundational documents you need as part of your cybersecurity plan: 1) the Information Security Policy and 2) the Incident Response Plan. Just as important as having the right policies is making sure your employees are trained to recognize and respond to cyber threats. PCI compliance requires that every member of your team receive baseline cybersecurity training each year —and that training can make the difference between a close call and a costly breach.

While next week’s article will discuss the various technologies you can implement to protect your business from cyberthreats, even the best technology can be defeated by one careless click. Studies show that human error contributes to as many as 80–90% of cybersecurity breaches, most often through phishing, weak passwords, unauthorized access, or misuse of credentials. Your employees are on the front lines of your defense—and their awareness is your best protection.

Training for Every Employee

Every employee should receive at least 15 minutes of cybersecurity training each year, covering password security, multi-factor authentication, safe web browsing, email protection, and how to handle outside devices. Depending on their role, additional training may be needed on cyber-physical security, remote work safety, or management-level protocols.

The good news for Ace retailers is that DilSe.IT has partnered with Ace Corporate to make these important training classes available to you via Ace Learning Place. Access training resources on this AceNet (requires login credentials).

• Cybersecurity basics (for everyone)
• Cyber-physical security (for leaders)
• Be safe online (for employees who spend significant time on-line)
• Management best practices (for managers and owners)
• Securing your business (for owners)

We recommend including cybersecurity training in both your New Hire Learning Plan and your Annual Learning Plan for all roles. Building a security-conscious culture means reinforcing good habits weekly — recognizing employees who report suspicious emails, reviewing cyber-physical threats in huddle meetings, and making security a shared responsibility across your team.

A single careless click can cost your business more than fifty stolen power tools. Don’t wait for a breach to reveal your weak spot — train your team today.