Ned Baltagi, Managing Director, Middle East & Africa at SANS Institute advises organizations that this is the time to add a bit of coolness and fun into technology and help workers become more comfortable with basic cybersecurity and technology best practices.
Human behaviour towards cybersecurity practices or today’s greatest challenge – managing the risk of the pandemic, varies by individuals. Yet every social action or organisational behaviour has a consequence. By monitoring human activity and reinforcing positive actions to adopt safe cybersecurity practices or following safe-pandemic practices, organisations and human communities can benefit.
Designing applications that reward an individual with points and badges and display them publicly can help mobilize a positive movement. Gamification can help improve the level of compliance towards following basic cybersecurity best practices in an organization, the same way as they can influence communities to shun risky post-pandemic behavior.
Organisations criticise the lack of availability of technology skills and especially those of cybersecurity expertise. Yet both human resources heads in organisations and information technology heads do not realise that a lot can be achieved in their business by educating and motivating the workforce to adopt best practices of cybersecurity.
Many employees in the workforce can also be inspired to train themselves in cybersecurity skills to manage the basic administration of their devices and networks. With remote workforces becoming part of the post-pandemic workplace there is a human resource requirement to relook at the level of basic technology skills across the hybrid workforce. However, a gamification approach may be required to add an active element of interest around this activity.
Here are some basic tips on what administrators can do to kick start a cool and gamified approach towards technology:
#1 Personal information across Internet.
It is essential that remote workers maintain a clean record on the Internet. The post-pandemic phase has seen a disproportionate level of stress and readjustment and this may continue in the months ahead. But venting strong feelings and thoughts across multiple social media sites may just start working against remote workers and their teams. Threat actors are looking for such displays of personal information including family names, assets and other information, shared under duress, that can be used in phishing attacks.
#2 Break and fix technology and devices.
One of the fastest ways for remote workers to get comfortable and experienced is to allow them to build up software tools and use them to test the technologies at their remote workplace. Instruct remote workers how to spend hands-on time with technology, engage with technology, break it and then fix-it.
There are a lot of amazing free tools and resources available online for remote teams to work and play with. Some are easier to use than the other, and you do have to make sure you know where to find them. But open-source tools are a great way of expanding your tool kit and skill set.
#3 Build the technology lab at home.
If remote workers are at home let them feel comfortable to build a lab at home. Encourage teams to be curious about technology, allowing them to make mistakes. The more mistakes they make, the more they are learning. And more technology learning helps to boost a better understanding of cybersecurity best practices.
#4 Share technology experiences.
Get remote workers and teams to share their experiences. If you want to physically protect a building, you need to understand doors, windows, and structure. For information security, remote workers need to understand the basics of computer networking. Understanding how computers function and communicate is the first step in defending them from cyberattacks.
#5 Finding a mentor.
An experienced worker who is ready to engage with remote teams can boost the confidence levels of remote workers who may find themselves without support at odd hours of the day or night. With remote workers dispersed across the country and the globe, while working under the same work deadlines as they would in conventional offices, lack of face to face access to co-workers is often a huge demotivation. Informal mentorship can help plug such gaps and help to retain confidence in the organization’s technology set up across remote workers and remote teams.
On a final note, every remote worker has their favorite device, app, or feature. Use that as a starting point for them to explore, learn, share, and move forward. Conforming to and understanding the organization’s cybersecurity best practices may just become an easy ride for them as they plunge into technologies that help them to work better and better.
#6 Expand your skillset with CTFs and Ranges
Capture the Flag events are not only a great way to interact with your peers and like-minded individuals, they are also a great way to learn and apply new skills in a real-life situation. Playing either on your own or with your team and really help you hone your skills.