The fight against cybercrime is a constant challenge, and even businesses that invest a large budget into security software and in-house cybersecurity teams aren’t immune to cyber attacks.
There are lots of different ways that criminals try to penetrate companies’ systems, although by far the most common is through your teams.
Fully 90% of breaches start with human error, so making sure that employees know what to do when they receive a phishing email, or another type of attack is vital in preventing future attacks.
When a cybersecurity incident occurs, this is why it is essential that employees report the incident:
- You can react appropriately. The first and most important aspect of reporting is that it gives your internal security team notice that they need to spring into action to prevent data loss or system compromise.
- You can build training around the incident. You can use the incident as an example in training content to make it more relevant to your company compared to a generic example that some training providers use. Do ensure that the example is anonymised though, as highlighting a mistake makes people more likely to hide incidents in the future.
- You can collect data about incidents to look for patterns. Sometimes minor incidents can point towards a bigger issue that needs addressing, so employees should be encouraged to report every single incident, not just the major ones.
- You can communicate the incident to other employees. With the incident communicated, you can share it with your teams so they are aware of the type of scam and do not fall for it.
Importance of reporting incidents
In some instances, people might be afraid to report incidents, as they might feel embarrassed if they did something wrong like click on a link in an email. This is why it is important to communicate to the workforce how important incident reporting is and that the process exists to protect the business, not to identify employee errors.
Making reporting a non-punitive exercise and, in fact, rewarding employees which do report incidents is a vital part of building a positive cybersecurity culture.
How to report incidents
Every business should have its own process for reporting incidents, such as to a fraud team, or to IT security, for example.
The process should be clear for employees, if you have a company intranet site, you should publish your IT security policy and incident reporting process onto it for people to easily find.
Types of incidents that need to be reported
It is also a good idea to list all of the types of incidents that need to be reported. Some of the possible incidents include:
- Phishing emails.
- An attack on a website.
- Improper usage by an employee (including accessing dangerous sites).
- Scareware to buy fake antivirus software.
- Ad-based malware.
These are just a few examples but there are many more techniques and methods that hackers use and errors or unusual behaviour of internal employees should be reported too.
To ensure that your employees understand what to look out for and what course of action to take, our Incident Reporting course is the perfect solution. Book a demo today to discover how you can get access to our Incident Reporting course for your team and full access to our 55+ strong catalogue of cybersecurity and compliance courses.