It’s Thursday afternoon, things seem to be going well, and then, it happens. You get an email from an employee telling you he found a copy of the HR file using a search engine. You stop for a moment. This can’t be true. Sure enough, you find the same information. There is a document online listing employees accounts, payroll, address, emergency contacts, and details on health benefits. This is bad. Right now, the only thing you know is that you’ve had a privacy breach.
You ask yourself, how did this happen and what to do next. The reality is, you aren’t the first and certainly won’t be the last.
Personal Information Protection and Electronic Documents Act (PIPEDA).
Most cybersecurity or privacy breaches happen for the same reason: a lack of training. It may be as simple as an individual using the same email address and password on their favourite website as they do on the corporate cloud service.
It is critical for you to review both your cybersecurity and information privacy policies before this happens. Even though these are two separate tasks, they tend to overlap, and a combined training program may be effective in protecting yourself from the liability of a breach.
The OPC has several free resources to help you comply with the PIPEDA. Your IT Provider may also be helpful when it comes to the technical side and might even offer some cybersecurity training resources.
Formerly, the average person was not entitled to niche training. Only the careerists were. It can no longer work this way. Nowadays, we manage more and more of our lives digitally. It is therefore essential that everyone, regardless of their job, knows the basics in terms of protecting their security and privacy.
Training in these areas will not only benefit the origination by reducing the risk posed from spear phishing attacks, crypto-viruses and fraud, it will also benefit the employees in their personal lives as they manage their online presence, banking operations and day to day activities.
Let’s work with the last bit of 2018 to make 2019 the most “cyber secure” year we can!