Have you ever gone to bed and had that nagging feeling that something wasn’t right—then you had to get up again because you’d forgotten to brush your teeth? (No? Just us forgetful ones then…)
That’s the aim of embedding cyber security into your business:
- cyber security considerations and actions should become part of your routine activity
- you should feel uncomfortable when you’ve forgotten to do something, something is missing, or something is just not right
- and your cyber security practices should be checked regularly—both that it’s working (the results) and that you are doing it ‘right’ (whatever ‘right’ is in your case).
It’s not always easy to get everyone into the cyber security habit. Think about how long it takes to get children into the routine of brushing their teeth. They don’t really understand why, they don’t usually get it right to start with, and it can get in the way of something they’d rather be doing.
In the same way, integration of cyber security actions into the business routine:
- needs explanation, so that everyone understands the reason for it
- needs repetition—according to a research study, it can take an average of 66 days for a habit to become automatic
- shouldn’t get in the way of the fun stuff—look for ways to smooth the secure path. (Take a look at our post on usability and security)
- and the success of your cyber security habit-embedding programme should be checked regularly. Do people understand the why? Do they act on it? Are they doing the right things, the right way? And is the programme working to help secure your business?
If you’d like help with cyber security in your business, contact us on 0113 733 6230—or use our contact form—whichever is easiest for you. We’ll get back to you as soon as we can.
