Since the number one cause of cyberattacks is insider accidents, healthcare leaders are increasingly searching for more effective ways of training employees on cybersecurity, reports TechRepublic.
One security researcher, Kelly Caine, PhD, argues that employees aren't inherently at fault for these cybersecurity mistakes. She says the way executives train employees lead to their IT weaknesses.
"It's actually executives, managers, system administrators, designers, and coders — rather than users — that are the weak links in information security," she told TechRepublic.
Here are three tips from Dr. Caine for executives and IT managers to improve cybersecurity amongst their workforce.
1. Know your users better. Understand what their good security behaviors and habits are compared to their bad security behaviors and habits. Then, decide how to reward the good and reduce the bad.
2. Eliminate outdated advice. Everything an IT executive does impacts the training and education of users, Dr. Caine told TechRepublic. For example, instead of recommending employees change passwords often and use a mix of special characters, it is best to choose a passphrase and change it only if there is a problem.
3. Simplify processes for users. Employees who are poorly trained or unsure of what is expected of them are often the source of a breach. Dr. Caine recommends leaders instill a security culture that addresses the needs and habits of employees.
More articles on cybersecurity:
13 receive 2017 Cybersecurity Innovation and Leadership Award