Staff culture crucial to cybersecurity measures

FPA/cybersecurity/

6 December 2022
| By Laura Dew |
image
image
expand image

Firms are putting their data at risk by failing to train staff on crucial cybersecurity systems and processes.

Fraser Jack, founder of The Cyber Collective, said it was crucial that firms not only put the relevant security but that they taught their staff to use it as research by CoreData had found only four in 10 firms were training their staff.

Jack said: “It’s one thing to have a policy in place then you need to put it into reality, that’s the process, and then you need to ensure your staff understand it.

“There is a big risk in not training your staff on phishing and vulnerabilities. To be cyber secure, staff need to understand how to protect their data. That’s not just once a year, that should be ongoing training, it’s about being aware.”

He recommended breaking up the information into bitesize chunks which could be covered on a regular basis including working from home security, email vulnerability, using public Wi-Fi, phising, two-factor authentication and the firm’s specific systems and processes.

It was also important to have a designated member of staff, separate to the IT team, who could ensure this was enacted and answer questions from staff.

“You need one person in the business who can champion this and help other staff out. It’s about knowing where they are going wrong and how they can fix it, someone needs to take that leadership charge because IT will set up the technology but then it is up to humans to ensure it is followed.”

Jack recently spoke at the FPA Professional Congress in Sydney and said many people came up to him after the session to share their experiences.

“There were some emotional responses to the session, people felt triggered to share that it had happened to them. Until then, they had felt silly or unable to share and had only told the relevant parties.

“The session made people realise that it could have been them, it could only take one colleague clicking on an email for a breach to occur.”

Read more about:

AUTHOR

Recommended for you

sub-bgsidebar subscription

Never miss the latest news and developments in wealth management industry

MARKET INSIGHTS

So we are now underwriting criminal scams?...

1 month 3 weeks ago

Glad to see the back of you Steve. You made financial more expensive, not more affordable as you claim, and presided ...

2 months ago

Completely agree Peter. The definition of 'significant change is circumstances relevant to the scope of the advice' is s...

4 months ago

Entireti has unveiled the new name for the AMP financial advice businesses that it acquired last year....

3 weeks 6 days ago

A Sydney financial adviser has been permanently banned from providing any financial services, with the regulator deriding his “lack of integrity, trustworthiness and prof...

2 weeks 5 days ago

Minister for Financial Services, Stephen Jones, has provided further information about the second tranche of the Delivering Better Financial Outcomes (DBFO) reforms....

1 week 4 days ago

TOP PERFORMING FUNDS