7 Simple Cyber Protections to Teach Employees


Remember your first fire drill in school? Perhaps it was in preschool or kindergarten. Your teacher likely explained what you should do and to how to return safely to the classroom after the drill.

Similarly, organizations must prepare employees to prevent and counteract a cyber attack. Employees are the organization’s first line of defense.

We must “auto pilot” the actions each person should take. We’ll call the recurring training, our company “cyber drill”.

Like our early fire drills, in order for the instructions to stick, our cyber drill must be memorable, understandable, and to the point.  

The Basic Cyber Drill

 The following is a list of employee instructions that underlie every “cyber drill”. These basics should be customized to the specific procedures and protocols of the organization. Cyber drills should recur at no less than 6 month intervals and be included in every new employee orientation.

1. Be aware of how breaches occur – for example, hackers often target employees by sending emails or pop-ups containing links to malware. Phishing attacks send emails, purportedly from a reputable source, requesting sensitive or personal information, such as social security numbers, credit card, or back account numbers.

2. Create secure passwords – Poor password practices can put the entire organization at risk for a breach. Always create strong, unique, and unpredictable passwords. Never use the same password for more than one program or website because hackers who learn that password can use it to access all of them. While having multiple passwords can be a pain, no one wants to be the reason an organization accidentally releases 500 million records.

3. Back up sensitive data – Save copies of your data in separate secure locations, such as on a different hard drive or in the cloud. Without this backup, sensitive information on a computer can be hacked. The hacker could install ransomware, which holds that data hostage until a ransom is paid. In other words, ransomware could deprive an organization of its data unless it pays the hacker for its return.

4. Perform regular software updates – Update the software when prompted to do so by the operating system or antivirus software, which may include updated protection from spyware, botnets, phishing emails, and other viruses. Software updates don’t take long to install, and it’s critical to keep up with them.

5. Use caution and common sense! – The most important safety measure is to remain vigilant and use common sense. The best defense against cyber attacks is caution. For example, always determine who an email is from before opening it. Never open an email attachment without knowing who it’s from and what it is. If you have questions regarding an attachment, contact the sender before opening it to confirm that the attachment is a safe document.

6. Lock computers when away from them – Lock or shut down your computer any time you are away from it so that nobody else can access it.

7. Speak up – Should something appear to be out of the ordinary, never ignore it. Again, don’t reply or click on any links or attachments. Promptly let management know so it can be investigated to protect the organization and every team member.

Cyber Drills should continually evolve with awareness. All team members must continue to work together to develop, implement, modify, and maintain plans that protect organizations from cyber attacks.


VANTREO is committed to helping our clients achieve high-performing solutions and measurable results.  We are always here to help. Just let us know how...Reply here