Government agencies rely on passwords, training and technology to secure citizen data. And, of course, this is important. But the most sophisticated technology can be bypassed if people are not using it in the correct way or assuming others are taking responsibility for keeping data safe. Similarly, the impact of a cybersecurity threat can be greatly exacerbated when people are unsure of what to do in an emergency.
The welcome news is that 89% of Australian public servants want to be involved in keeping citizen data secure.
So, how can agencies act on this positive attitude and help employees stay responsible and vigilant?
1. Develop a safety culture across the workforce
- Robust policies and procedures need to become embedded in how everyone operates, every day. And, as our research shows, educating people about this has some way to go.
- Develop a human-centred security curriculum that’s tailored to specific roles.
- Raise behavioural awareness by encouraging healthy scepticism and adding security drills to routine operations.
- Create incentives and rewards for adopting the right behaviours – only 63% of Australian workers reported incentives for good practice.
2. Adapt to changing threats
- As agencies incorporate new technologies to connect with citizens, they also need to consider how these changes make their agency more vulnerable.
- Consider what data and assets might be of value to an adversary. These ‘crown jewels’ are not always the same as what an agency considers a priority to protect.
3. Engage the power of ‘Human+’ workers
- The real power of technology comes from its integration with people in a seamless interface. Creating layers of resilience can often be better achieved by having machines and people working together.
4. Operate (and secure) beyond boundaries
- Ensuring truly robust public services means building an ecosystem of partners with a focus on collaboration, learning and the development of trust. Only then can all organisations enhance their cyber resilience at speed and scale.
Read our Australian blog perspective here.