OFFICIAL PUBLICATION OF THE NEBRASKA BANKERS ASSOCIATION

Pub. 17 2022-2023 Issue 3

A-Guide-to-Security-Feature

A Guide to Security Awareness for Customers

National Cybersecurity Awareness Month is back in October to promote educating the nation about cybersecurity and how everyone can be safer online. The initiative provides an excellent opportunity to evaluate the cybersecurity culture of your company and how you can share your knowledge and resources with your customers and community throughout the year.

Education and security awareness training are powerful tools when it comes to creating a strong information security program. It helps establish trust that your organization takes cybersecurity seriously and that you’re committed to doing what’s best for your employees and customers.

An organization with a strong security culture goes beyond internal employees and talks about cybersecurity threats with its customers as well. Educating customers about the dangers of cyber threats helps build a stronger relationship. Cyber savvy customers also benefit your business. A more secure customer will reduce the risk of their information becoming compromised or used maliciously against your business.

Cover the Basics

Your customers can benefit from the same security awareness topics shared internally, including, but not limited to:

  • Recognize and report phishing
  • Type of social engineering attacks and what controls can mitigate the risk
  • Physical security threats and best practices
  • Password best practices and password management tools
  • Enable multi-factor authentication (MFA) whenever possible
  • Updating software and patch management
  • Remote access security
  • Use of encryption
  • Mobile device security
  • Defending against malicious software
  • Importance of anti-virus and firewalls
  • Incident response plans

Tips to Share Your Knowledge

Most companies do not employ a staff of cybersecurity experts or only offer services to customers with a security background, so it is important to provide basic cybersecurity knowledge, best practices, and tips on a regular basis. A strong culture of cybersecurity at your organization has benefits beyond mitigating cyber risks; it builds confidence amongst your employees and customers that you have made it a priority.
Using multiple delivery channels to support training and education can help ensure your customers see it throughout the year. Delivery channels can include:

  • Place or link to relevant cybersecurity tips, news stories, alerts, and cyber policies on your business website.
  • Include a monthly tip in your newsletter or social media accounts to keep cybersecurity top-of-mind for your customers.
  • Encourage your customers and employees to follow your organization or other cybersecurity organizations on social media for cyber tips and news.
  • Incorporate cybersecurity tips into your on-hold message when customers call your business.
  • Include cybersecurity resources with physical statements or invoices.
  • Provide cybersecurity resources, control suggestions, or self-audits at the time of account opening.
  • Place posters, articles, or other educational materials in the entryway, break room, bathroom, or other meeting areas.
  • Invite your business customers and employees to attend an educational webinar, such as the free monthly Hacker Hour webinar hosted by SBS.

Host an event

One of the most popular and effective training methods is to invite your employees and customers to a virtual or in-person event. Getting out in front of your customers and talking about the importance of cybersecurity is a win/win:

  1. You are helping to create cyber strong customers that are more resistant to attacks, benefiting both you and your customer.
  2. You show your customers they are more than just a number. You’re strengthening relationships and demonstrating care about their well-being.
  3. You have an opportunity to show off new products/services or new features, as well as potentially increase the adoption of existing products or services.

For business customers: Plan a lunch and learn event focusing on the latest cybersecurity trends and tips for securing their business.

For the community: Host a cybersecurity awareness day for community members to shred sensitive documents, listen to short presentations, and play cyber-themed games or trivia.

For employees: Have an external presenter conduct training to help increase engagement. Many speakers will also make it fun by incorporating games or prizes for participants.

For your board: Have an expert discuss the trends they are witnessing, and the risks associated to generate increased buy-in.

Here are some additional considerations to keep in mind:

  • Invite the community.
  • Host several sessions to cover the most people possible. Consider recording the session for those unable to attend and/or to use for content later.
  • Choose a platform (if virtual) that is easily accessible by your customers, user-friendly, and secure.
  • Pair up with your chamber of commerce, a civic organization, or an academic institution.
  • If you’re not confident talking about cybersecurity, bring in a cybersecurity expert to speak on your behalf.

Talking about cybersecurity also offers a chance for your customers to see how your organization is protecting their information. In today’s market, where cybersecurity is becoming a deciding factor for consumers with many options, being open and transparent about cybersecurity can instill customer confidence and draw in new customers. 

Visit www.sbscyber.com > Education > Free Download for more security awareness materials you are free to share,
including a Security Awareness Toolkit with security tip graphics, sample social media posts, and more. For more information, contact Robb Nielsen at 605-251-7375 or robb.nielsen@sbscyber.com. SBS helps business leaders identify and understand cybersecurity risks to make more informed and proactive business decisions. Learn more at www.sbscyber.com.