It is becoming increasingly clear how vulnerable organisations are and how vulnerable today’s society as a whole is. The impact of the various risks must be clear and security awareness is extremely important. Every employee at every level in the organisation must understand the importance and extent of security, understand his own individual security responsibilities and act accordingly. Even though the organisation stands for security like a house, it is as strong as its weakest link.
Changing society
If you look at the enormous speed of change we are facing in today’s society, we are often unable to keep up with it in terms of security technology. The digital world requires a high degree of control, while these issues often existed in the “paper” world, but were not so widely measured by the media. This gives you as an organization no longer a choice, you will have to respond to this. Together with your employees. Making these employees aware of the essence of safety at an organisation-wide level can often be a challenge. Frequently heard statements are: “There’s no need to create awareness,” or “We don’t have time for that at all!” People also often think that this is a task for system management and that they themselves have nothing to do with it. Problems can arise here. All an employee has to do is click on the wrong link, approve a report indiscriminately or store and/or destroy information in the wrong place. All this can lead to an increased risk, with all its consequences.
Man as a risk factor
Above mentioned cries often stem from ignorance. Logically, in the technical field a lot is being done to keep dangers out, but man as a risk factor has been an underexposed theme since the 1980s. While yours truly is the cause of most incidents! You can’t always blame people for certain actions, because if they’re not aware of the dangers, they can’t act on them either. Every employee must be made aware of the possible dangers and consequences of the actions they perform during work. Teaching employees this knowledge is essential for the quality of your organisation’s security.
In recent years, a great deal of attention has been paid to programmes that focus on creating awareness among employees. This is a good thing, but training alone is not enough. It is about the reason for giving such a training. Is the reason to be compliant from the point of view of compliance? Then we miss the goal! As long as people don’t have the idea to benefit from this themselves, an awareness training will not work.
Awareness through personal involvement
We are convinced that the best way to increase awareness is through personal involvement. This should be the common thread in training. Awareness should not only exist on the work floor, but should also be extended to the personal sphere. It only comes to life when one sees the dangers oneself and can use it automatically in one’s own work environment.