California SB-1159: On 9/17/2020 California enacted SB-1159 which imposes certain reporting requirements on California employers. Effective immediately, California employers are required to report positive COVID-19 tests to their workers compensation claim administrator, whether there is an allegation the COVID-19 exposure is related to work or not. Additional information on California SB-1159 can be found here.

How to Conduct Cybersecurity Training for Employees

Topics: Cyber Liability

Everyone makes mistakes from time to time; however, when it comes to preventing a data breach at a small or mid-sized business, employers and employees should strive to be error-free and as knowledgeable as possible about cybersecurity. This means ensuring that there is a training program for best practices on security firmly in place – and keeping everyone in the company up-to-date on all security policies at all times.

The Importance of Educating Employees on Cybersecurity

Early detection of a data breach is critical when it comes to helping to save a company’s credibility, reputation and thousands of dollars in damages. One of the first steps in preventing a data breach is being able to recognize what some of the early warning signs are so it can be caught before the real damage is done.

Cybersecurity training for employees is not a once-and-done situation. However, many companies may educate new employees on cybersecurity policies, then perhaps roll out an annual training program and leave it at that. Businesses should consider doing more to ensure all employees are consistently updated about any potential security vulnerabilities, as well as how to recognize them and avoid them. The investment of a robust cybersecurity training program is a small price to pay when compared to what a data breach could cost the organization.

5 Cybersecurity Training Tips for Employees

According to a report from Small Business Trends, 48 percent of data breaches are attributed to hackers with malicious intent. The other 52 percent? Human error or system failure.

Here are five cybersecurity tips for employees to help ensure they clearly understand not only the security policies of the organization, but also the potential risks associated with a data breach:
  1. Get the C-suite involved. It’s important that upper-level employees also understand the importance of a strong cybersecurity training program, as they typically are responsible for designating the budget of such programs. All employees should understand the implications a data breach could cause the organization.
  2. Require strong passwords. All employees should understand how to create strong passwords for the systems they access daily. In fact, secure passwords are often the first step in safeguarding sensitive data. Some of the best practices for passwords include using a mix of characters, numbers and letters, never sharing passwords among employees and avoiding keeping passwords out where others may see them.
  3. Implement cybersecurity drills. A cybersecurity “drill” or “live fire” training exercise allows employers to fully understand how educated their employees are when it comes to avoiding a data breach. For example, some companies utilize simulated phishing scams by sending out emails to see how many individuals open or click on attachments.
  4. Consistently evaluate vulnerabilities. Companies should understand exactly how vulnerable the organization may be to a cybersecurity attack. This means evaluating both the systems and the employees who utilize them regularly to monitor any potential weaknesses.
  5. Keep the lines of communication open. Cybersecurity policies should be widely communicated throughout the organization, and there should be regular training procedures to keep all employees aligned on best practices. Additionally, all employees should understand the company’s data breach response plan to ensure the proper steps are implemented immediately should they suffer a cybersecurity attack.

Be Cyber Smart this National Cybersecurity Awareness Month

National Cybersecurity Awareness Month (NCSAM) kicked off its 16th year at the start of October, with each week of the month representing a different online safety issue. As we all lead internet-connected, digital lives, every individual and organization plays a key role in securing their part of cyberspace, including the devices and networks they use regularly.

As an NCSAM champion, AmTrust recognizes our commitment to cybersecurity, online safety and privacy. This year’s theme -  Own IT. Secure IT. Protect IT. - serves as a reminder that in these high tech times, our homes, workplaces, economity prosperity and national security continue to be impacted by the internet. Being proactive in security best practices and digital privacy can help enhance cybersecurity in homes and offices across the country. 

Ensure Your Clients Are Covered with Cyber Liability Insurance

Cyber Liability Insurance policies from AmTrust can help protect small businesses from some of the costs associated with a variety of cybersecurity attacks. Appointed agents can customize policies and coverage options to meet the individual needs of clients, helping policyholders avoid the real costs of a data breach.

This material is for informational purposes only and is not legal or business advice. Neither AmTrust Financial Services, Inc. nor any of its subsidiaries or affiliates represents or warrants that the information contained herein is appropriate or suitable for any specific business or legal purpose. Readers seeking resolution of specific questions should consult their business and/or legal advisors.

Time Zones