Comment on Mentorship Monday - Discussions for career and learning!
arcosenautic@lemmy.world 5 months ago
Not strictly career related, but how can I make regular people aware of the importance of cyber security in day to day work? My nontechnical colleagues really brush off security as an optional measure and it’s really pissing me and my coworkers off.
scytale@lemm.ee 5 months ago
Does your org have a security awareness program? It would easier if you can mandate some training or at least some brownbag meetings where you can present some basic security pointers.
arcosenautic@lemmy.world 5 months ago
I work at an educational institution that doesn’t really prioritize security, or anything IT related for that matter. We are a very small team (3 people) and we can’t really enforce any institution-wide training. We send regular PSA emails and that’s about it.
Of course, we have control over password policies and external access through workspace management tools, but we don’t have control over a lot of higher-up decisions. I wish I could enforce even stricter password policies but it’s just not possible for the higherups.
I was thinking of raising funding for some sort of cybersecurity day event at the institution, but when it comes to funding, you know how generous educational institutions are.
scytale@lemm.ee 5 months ago
Ah, yeah I feel you. That’s indeed an uphill climb especially if the higher ups themselves do not support you. I think a cybersecurity event is a good way to do it. If you end up getting smaller funding, you can also do short brownbag meetings with free snacks and/or giveaways. Free stuff is always an incentive for people to attend. Keeping events short (30 minutes or less) also helps. Then make your presentations interactive, instead of just lecturing do’s and dont’s to employees. Do scenario based discussions and let employees come up with ideas/solutions. That reinforces the knowledge if they “come up with the answers” and you validate them.