Cyber Security & Secure Online E-Transaction for Promoting Digital Technologies
Madhya Pradesh, India
One of the biggest risks to an organization’s information security is often not a weakness in the technology control environment. Rather it is the action or inaction by employees and other personnel that can lead to security incidents—for example, through disclosure of information that could be used in a social engineering attack, not reporting observed unusual activity, accessing sensitive information unrelated to the user’s role without following the proper procedures, and so on. It is therefore vital that organizations have a security awareness program in place to ensure employees are aware of the importance of protecting sensitive information, what they should do to handle information securely, and the risks of mishandling information. Employees’ understanding of the organizational and personal consequences of mishandling sensitive information is crucial to an organization’s success. Examples of potential consequences may include penalties levied against the organization, reputational harm to the organization and employees, and impact to an employee’s job. It is important to put potential organizational harm into perspective for personnel, detailing how such damage to the organization can affect their own roles.