by Nick Santora
Retailers count on their customer service representatives to handle all sorts of issues, but are they prepared to defend against cyber attacks? With countless onslaughts happening around the world leading to data breaches and ransomware, this is why now, more than ever, cyber security awareness is of the utmost importance.
Your company’s employees have to become the first line of defense against potential hackers, and that is where security awareness comes into play. This is much different than training — the definition of security awareness is having or showing realization, perception, or knowledge of cyber security concepts. Essentially, this means surrounding your personnel with constant insights into cyber security risks. With security awareness training, you are teaching employees how to defend themselves with actionable tactics.
The most effective cybersecurity strategy is to train your employees at every level in the company on what to look for in a suspicious email that could be a potential phishing scam. Especially during busy shopping seasons, we see even more bad actors targeting frontline employees at retailers since everyone is so busy. So what can you do to help keep your customer service representatives safe during the peak holiday season and all year round?
Here are five ways to help keep your employees and customers safe from cyber criminals:
Security Awareness Training
Each and every employee needs to develop the soft skills that are needed on the cyber side to really understand how to block the bad guys attempting to hack someone through phishing and social engineering. Instead of just doing training once a year like an annual fire drill, think about how you can build a culture around cybersecurity.
Simulated Phishing Tests
A phishing scam starts with the hacker targeting one or more employees. The hacker will send a suspicious email, often using strong language such as “urgent” or “action required” to compel your team member to act before thinking. Simulated phishing tests can help to help teach everyone how to #BeCyberSmart.
Send emails to your employees reiterating ‘see something, say something’ to alert management if someone receives a suspicious email. Prevention of fraud starts at the frontlines, which is most often an employee’s email inbox. If you are using an internal messaging system like Slack or Teams, use this to post alerts about potential scams that could be targeting your employees.
No matter how small or large your team is, everyone from customer service up to the CEO is responsible for helping to keep your organization safe from hackers and bad actors. Building up your defense for cybersecurity involves getting each employee to work together since hackers will often target multiple people in the same company.
Many data breaches leading to ransomware happen because someone gave up their online credentials and an account was compromised. Remind all your employees to:
- Use strong passwords – make them impossible to guess and do not reuse passwords across multiple accounts.
- Turn on two-factor or multi-factor authentication (2FA/MFA) – this adds another layer of protection in the event a bad actor obtains a password.
- Add another layer of encryption – use a password manager (‘vault’) like LastPass to store passwords.
The game has changed for employee cyber security awareness training. It is no longer an overlooked HR precaution, and defeating cyber criminals has stepped into many companies’ spotlights. While many have implemented technical controls, and while they are extremely important in any great security program, they are not the ultimate answer. It is up to all of us now to do our part and educate ourselves on cybersecurity. We need to take this opportunity to learn and grow forward baking in these systems sooner so employees and be safer online.
Nick Santora is the CEO of Curricula.