Cybersecurity Counts 7 Ways to Motivate Employees to Care

Cybersecurity Counts: 7 Ways to Motivate Employees to Care

Cyberattacks have become an all-too-prevalent reality in today’s business landscape. In fact, cyberattacks increased by 38% in 2022 alone. This means every company should have a cybersecurity plan in place to prepare for the worst, in case it happens.

With the cost of an average business data breach now reaching a staggering $4.35 million, no organization can afford to let its guard down. And because hacks can affect every area of operations, from the top down, it’s vital to build awareness among employees to ensure that they understand the consequences and take an active role in protecting your organization’s assets.

Here’s how to get your team on board with new policies to ensure your company remains safe against threats. The right kind of motivation can work wonders.

7 Ways to Get Employees to Care About Cybersecurity

1. Start With New Hires

Get people to pay attention to cybersecurity policies right from the beginning of their tenure with your company. The onboarding process is a great time to explain your procedures to new hires. This helps employees feel more confident about their workplace, and they’ll be better prepared for any threats that occur while they’re still getting used to organizational practices.

People tend to pay more attention to policies and procedures during onboarding than if they’ve been on the job for a while. Once you develop a cybersecurity plan, inform new hires of everything they need to know about the procedures, as well as the regulations they need to follow to keep the company’s information safe and secure. And whenever you update existing methods or policies, don’t forget to inform current employees about these changes, so everyone is on the same page.

2. Conduct a Simulated Run-Through

There’s no better way to practice cybersecurity policies than by simulating an attack. Your team can discuss what to do if a hack actually occurs, so everyone is prepared for real threats before they occur.

Before the “drill,” be sure to inform everyone on the team that you’ll be running a test case, so they won’t become overly stressed about the exercise. Be sure to emphasize that this is an opportunity for everyone to learn. If you give them a break from their usual work patterns to focus on the simulation, they’re likely to be more invested in learning how to prevent an actual cyberattack from occurring.

3. Evaluate Remote Work

Many people love remote work. However, it isn’t necessarily the safest or most reliable way to ensure everyone is following your cybersecurity rules. In fact, more than half of employees under 30 make more cybersecurity mistakes when working from home. That means it’s especially vital to communicate the importance of maintaining consistent security practices when working outside the office. In particular, teams that work with sensitive information should be provided with all the tools and training needed to ensure data is handled properly.

Alternatively, instead of having your entire team work on a fully remote basis, you may prefer to build a hybrid schedule, where team members work onsite at least a few days each week, so everyone is comfortable following cybersecurity procedures.

You can increase remote work flexibility once it’s clear that everyone understands cybersecurity policies and practices. However, the key is to ensure that everyone on your team understands the plan and proactively adheres to the rules, regardless of whether they’re working onsite or in a remote environment.

4. Incentivize Continuous Training

Perhaps you don’t want to schedule discussions with workers about various cybersecurity measures. Instead, offer a continuous training program with resources employees can review at their convenience.

To ensure everyone engages with training, completes the materials, and understands the content, offer incentives that entice people to work through all of the information. Financial incentives make great motivators. A small monetary bonus may be enough to encourage everyone to read through the resources and implement the security tactics they learn. And to reinforce the learning process, be sure a manager or cybersecurity team member is available to answer any questions that arise as people complete their training materials.

5. Conduct Evaluations With Rewards

Nothing motivates people like rewards. Offering bonus incentives can get employees motivated and engaged with your policies, and keep them interested in future program adjustments. Next time you evaluate or audit your business’s cybersecurity habits, issues and practices, consider rewarding people who have gone above and beyond to follow your policies.

Ideas for rewards include extra vacation time, restaurant gift cards or opportunities to leave work early on Fridays. These are simple gestures, but they can go a long way to gain attention and compliance.

6. Implement Mandatory Password Changes

It’s harder for cybercriminals to hack into your accounts when you have good, strong passwords you change regularly. Nearly every company deals with sensitive information these days, so it is essential to lock down every account.

To keep everyone in check, mandate a password change every few months, and ensure employees use unique letter and number combinations that aren’t attached to other accounts. Over time, your team members should anticipate these procedures and treat them as an accepted business routine.

7. Communicate the Risks

Think about what is at risk if your company is hacked. Small businesses must be especially careful, because they’re targeted by about 43% of all cyberattacks.

But no matter what your company size, how you deal with cybersecurity threats or information breaches can significantly affect your brand’s perception. That’s why it’s so important to be mindful of the message you convey in your policies and actions.

When a breach occurs, businesses that don’t handle the fallout well are likely to lose customers and clients. You can prevent this by having a streamlined system of recovery procedures in place. For example, you’ll need a plan for breaking the news to key parties, getting your brand back on track, and taking steps to improve your current systems.

It’s important to get ahead of this kind of problem by ensuring that your whole team is on the same page about risks, and wants to work together to keep your company and its assets as safe as possible.

Bottom Line: Prioritize Your Company’s Safety

Cyberattacks are on the rise. That means you can’t afford to ignore the real risks to your business data and systems. Start by emphasizing the risks of lackluster security. Ensure that every employee is aware of the risks, including how a security breach could affect their job. Making it personal may be what you need to ensure compliance.

Once you offer incentives, explain the importance of maintaining good practices, and illustrate how to practice cybersecurity on an ongoing basis, employees are more likely to change how they work. If you consistently emphasize the value of cybersecurity to your business and your customers, your entire team should soon follow suit.

How can leaders help employees feel safe at work. Check this advice from an expert on how to build a speak-up culture

Does Your Staff Feel Safe at Work? Here’s How to Help

The Problem

Can you confidently say that 100% of your employees feel safe at work? For business and HR leaders, ensuring the health and safety of everyone on the job is imperative. But sometimes, reality has other plans.

Fraud, misconduct, harassment — even the most prepared organizations may face these challenges at some point. That’s why it’s vital for employees to feel free speaking up. Whenever issues arise, a speak-up culture can help you respond more swiftly and effectively. It also helps employees feel safe, which in turn, leads to increased overall wellbeing and productivity.

Over the years as a risk management consultant, I’ve discovered that ensuring people feel safe at work is no easy feat. But the following practices can help your organization establish and maintain a sense of psychological safety:

The Solution

1. Start With a Comprehensive Anti-Retaliation Policy

A zero-tolerance anti-retaliation policy can act as a baseline for all employees — including C-suite executives — to guide expectations around retaliation in the workplace. But what exactly does anti-retaliation really mean in an HR context?

In organizational settings, retaliation presents itself through actions such as marginalizing or shunning people, impromptu negative performance reports, and regularly assigning unwanted work shifts to targeted individuals. Illegal retaliation can even go so far as firing someone for speaking up. A zero-tolerance policy ensures that any person responsible for retaliatory behavior will be terminated.

Rather than disciplining people who speak up, managers should be encouraged to address employee concerns with understanding and act swiftly to investigate and resolve the issue. Anything less, and employees may be too scared of possible retaliation to report a problem.

The policy should clarify key factors, such as:

  • Specific types of conduct that should be reported,
  • How your organization facilitates the reporting process,
  • Actionable process steps, and
  • How this policy complies with local laws and regulations.

The zero-tolerance principle should also apply to discussions about workplace discrimination allegations, because this can result in unintentional retaliation. Finally, to ensure that your policy reflects new needs as your organization grows, review your documentation periodically and update it accordingly. 

2. Implement Anonymous Reporting Tools

An anonymous reporting system is a broad term for tools such as help lines and intake forms that make it easier for employees to report misconduct. Anonymity is vital because it adds a layer of protection that further shields those who speak up.

Organizations can invest in an in-house reporting system or outsource this process to a third-party provider that specializes in managing and tracking reports. An outsourced system helps employees feel safer, because they know others in the organization won’t be able to undermine or dismiss their concerns.

Also, implementing multiple reporting tools can be beneficial. Creating multiple reporting avenues encourages employees who need to report an issue or incident to speak up in a way that is most comfortable for them.

For example, in addition to offering a helpline, some organizations also provide an online intake form in various languages so it’s accessible to more people. Often, reports submitted through online forms contain sensitive information that some individuals may not be comfortable communicating out loud. Or a safe space may not be available where people can speak confidentially, so the online form serves as a trusted alternative.

Of course, implementing these tools is only the first step. It’s also important to provide ongoing education, training and monitoring to ensure that everyone in your organization understands the policy and how to use any reporting tools you provide. To ensure widespread adoption, this educational process must be a top-down effort across your organization. It must also serve as a cornerstone when onboarding each new member of your workforce.

3. Train Managers in Conflict Resolution

As an executive or HR leader, you’ve most likely been involved with conflict mediation as a fundamental aspect of the managerial role. In fact, 85% of U.S. employees have reported some level of conflict at work. You can help mitigate this by ensuring that lower-level managers develop conflict management and resolution skills. This can support a more cohesive strategy for spotting issues sooner and getting to solutions quicker, so you can avoid having to deal with situations after they’ve reached a boiling point.

Understanding the root cause of a conflict is often the first step in resolving these issue. The most common conflict triggers are workplace stress, clashing egos, lack of support, or poor leadership. There is room for middle-level management to identify potential issues before they escalate, engage with staff, reduce conflict directly, and evaluate how they can improve workflow management to better support their teams.

Disputes between managers and employees will still need to be handled with bias-free executive attention. However, the more conflict management and resolution training managers receive, the more likely employees will believe to trust “open door policies.” Ultimately, this can reduce conflict and increase well being across your teams.

4. Ask Employees for Feedback

You won’t know if people are satisfied with your efforts to help them feel safe at work unless you ask. That’s why you’ll want to find a viable method to gather feedback and channel key insights to decision-makers. By periodically gathering and acting on feedback, you can continuously improve employee satisfaction and retention over time.

But keep this in mind: Research says 78% of employees are willing and happy to participate in workplace feedback surveys. Yet, only 50% think their input will lead to meaningful change. This means you’ll want to be sure you close the loop if your survey reveals gaps or weaknesses in your policy or process. Otherwise, you could undermine your entire strategy.

When People Feel Safe at Work, Wellness and Productivity Follow

The ideal solution combines clear guidelines with anonymous reporting tools and conflict resolution training for managers, in conjunction with employee feedback surveys. Each mechanism works in tandem with the others to create a more holistic approach to maintaining well-being in the workplace. When thoughtfully implemented, this approach can increase trust and confidence across your organization.

Once you implement a zero-tolerance policy alongside anonymous reporting tools, training and feedback, you’ll be able to address areas of concern more proactively. Over time, you can expect to improve productivity and retention because you’ve invested effectively to foster an environment that supports workforce wellness and safety.

Movember Celebrating Men's Health at Work

Celebrating Movember: Men’s Health at Work

EDITOR’S NOTE: At TalentCulture, we recognize a healthy workforce is a more engaged and productive workforce. That’s why we’re spreading the word about the importance of “Movember” men’s health awareness in this article.


The holiday season is upon us! As the days get shorter and colder, schedules are getting busier and more packed with activities. It’s common for us to let some things slide — including taking care of our health and wellbeing. We’ve all been there. But health should never take the backburner. That’s why we’d like to talk about the Movember movement.

What exactly is Movember? What does it mean for men’s health? And more specifically, how can employers leverage this opportunity to encourage discussions around important workplace health issues? We’ll even touch on how you can start a Movember event with friends and coworkers. 

What Is Movember? 

Two friends kickstarted Movember as a grassroots effort to promote men’s health in Australia. It began in 2003, at a time when the mustache had all but disappeared from popular culture.

That’s when Travis Garone and Luke Slattery first convinced 30 friends to take up the challenge of growing out their facial hair in solidarity with men’s health issues during the month of November.

This simple challenge grew faster than anyone imagined. In fact, by the time it reached the U.S, in 2008, the Movember charity had raised more than $46 million, in partnership with global charities dedicated to raising awareness around important men’s health issues.

Over the years, this movement has continued to gain traction across the globe. Now, nearly 7 million men and women contribute to the cause by funding more than 1200 men’s health projects. The Movember project and its enthusiastic supporters (known as “Mo bros” and “Mo sisters”) have addressed many worthy health causes around the world. 

Why Movember Matters

The importance of raising awareness and encouraging communication around men’s health can’t be overstated. Unfortunately, men are still statistically far less likely to take care of their health. That’s not an opinion, but a well-documented fact.

For instance, a 2021 study found that less than half of men (47%) had a routine medical checkup in the previous 12 months. Embarrassment and perceived stigmas are the primary reasons.

Our culture of stoicism means that when men experience pain, many feel societal pressure to simply push through it. And although women tend to become familiar with healthcare from a young age — seeing gynecologists and being encouraged to schedule annual checkups — men generally don’t develop the same kind of connection.

Simply put, conversations about men’s health aren’t common. In fact, they’re often stigmatized. Ultimately, this leads to poorer health outcomes. 

The Movember Mission

The Movember movement celebrates men’s health in all its forms, but emphasizes mental health and cancer prevention, in particular. Here’s why:

1. Preventing Cancer

For men, two key health concerns are prostate and testicular cancer. Prostate cancer is the second most common cause of cancer death in men. Fortunately, testicular cancer is less frequent. However, it still affects about 7 out of every 100 men.

Both cancers are considered highly treatable if caught early. However, when left untreated, they can be very difficult to cure, and the statistics are less promising.

Most experts recommend starting prostate exams around the age of 45 and getting an exam every 3-5 years. Doctors often perform what’s called a PSA test. A PSA is a reliable metric that helps determine the risk of prostate cancer.

Similarly, to help detect testicular cancer, men should perform self-exams, looking for signs like lumps, swelling, or dull aching pain. Anyone who experiences any of these symptoms needs to see a doctor immediately.

Bottom line: Routine checkups are crucial for effective cancer prevention, detection, and treatment. That’s one of the most important messages behind the Movember movement.  

2. Communicating About Mental Health

Although mental health is extremely important, it is also perhaps the most stigmatized men’s health issue. Statistics show that although mental health challenges are relatively common among men, less than half will seek treatment.

This problem is especially important to recognize in the workplace, where burnout and stress are common. People often don’t realize how stressed they are until the symptoms become unavoidable.

Left unchecked, stress or burnout can not only affect your mental and emotional wellbeing but also wreak havoc on your body. Fatigue, anxiety, and depressed mood — even changes in weight and thinning hair — all can occur.

Of course, it’s important to see your doctor to make sure you’re not dealing with underlying medical issues like hypothyroidism or male pattern balding. But these symptoms can also be a response to physiological changes caused by stress.

How Employers Can Get Involved

Encouraging your workforce to be part of the Movember trend can be an excellent way to raise awareness around these important men’s health issues. For example, you can set up a Movember fundraiser, either in person or virtually. This can foster teamwork and solidarity in the workplace, while also encouraging people to take charge of their health. 

If you decide to start a Movember campaign, you don’t have to focus on only one topic. It’s an opportunity to help men feel more comfortable talking about a variety of issues that affect their health.

Conversation Starters:

  • Are you getting enough exercise
  • Are you sleeping well?
  • Do you feel overloaded with work lately?
  • How healthy is your diet?
  • Do you schedule regular check-ups? 
  • Have you talked to your doctor about things like prostate screening? 

Talk to your coworkers, talk to your friends, and bring the Movember movement to your professional and social circles. It’s not just for men either. It’s for anyone with a man in their life they care about — a significant other, a family member, or a friend. Every man matters. Encourage open conversations, show your support, and get involved!

social background checks

How Social Background Checks Preserve Work Culture

Sponsored by: Fama.io

Every employer wants to provide a safe, supportive environment where people can do their best work. That’s a key reason why social background checks have become so popular. But many organizations don’t talk openly about how they make this happen.

I get it. This can be tricky to manage. But workforce wellbeing and your brand reputation are on the line. So, it’s wise to include a strong social media screening solution in your HR toolkit.

What kind of services are leading the way? And what should you consider when seeking a provider you can trust? Join me as I explore these questions on the latest #WorkTrends podcast episode.

 

Meet Our Guest:  Ben Mones

Today, I’m speaking with Ben Mones, Founder and CEO of Fama.io, the world’s largest provider of social background checks, and a leader in applying artificial intelligence technology in workforce screening services. As an expert in this process, Ben is an excellent source of advice for HR practitioners and business leaders.

Linking Culture With Social Background Checks

Ben, welcome! Let’s dive right in. How do you see social background checks tying into the employee experience?

Too often, employers don’t talk about background screening because they think it’s a “dirty” job at the front of the candidate funnel or during the onboarding process.

But that’s not what we do. We look at publicly available online records to detect behavioral patterns associated with intolerance or harassment. We look at things that, if left unchecked, could find their way into a company culture and create some damage.

Remote Work Raises the Stakes

Many of us work virtually now, so the stakes are higher. I mean, how are we getting to know people?

Agree. We often meet our coworkers by friending them on Facebook, following them on Twitter, or exchanging DMs on Instagram. So, if we’re interacting in these digital spaces, the importance of digital identity naturally follows.

Digital Screening Adoption Rate

How many companies are screening candidates or employees?

CareerBuilder and SHRM say 70% of employers perform some sort of social media or online profile check before bringing people on board. For example, they may be Googling someone before hiring them.

Risks of Social Background Checks

Compliance is a big concern with this process. What are the risks?

I think the risks of doing it yourself scare people away.

For example, you could be exposed to things you shouldn’t see. If a recruiter does this internally, they’ll see a person’s gender, ethnicity, pregnancy. You’ll see all these protected classes.

EEO says you can’t unring that bell. You can’t unsee that information. So because bias naturally occurs within all of us, you consider these sorts of things in your hiring process.

Avoiding Compliance Pitfalls

How can employers deal with these risks?

Managing the process through a third party helps squash those risks because you can configure the solution to filter only for job-relevant information.

This means you’re blind to all the protected class information you’d see if you were conducting social background checks on your own.

Key Screening Factors

What core behaviors do you look for in social screening? 

Here’s what we don’t do. We don’t do a yes/no recommendation on a person. Instead, think of flags for things like intolerance, threats, harassment, violence, crime and drugs.

 


For more advice from Ben, listen to the full podcast. And for detailed information about how your organization can benefit from social background screening, visit the Fama.io website, where you’ll find benchmarking reports and other resources for employers.

Also, be sure to subscribe to the #WorkTrends Podcast on Apple Podcasts or Stitcher. And to continue this conversation on social media, follow our #WorkTrends hashtag on Twitter, LinkedIn, and Instagram.

Workplace Safety

Workplace Safety Reporting – How to Streamline

In pursuing health and success for a business, safety compliance is critical and we understand why. Monitoring injuries and potential hazards can help your workplace combat risks and costly fines. It can also make employees feel safer, but understanding where to begin isn’t always easy.

Maintaining workplace health and safety reporting is a practical challenge for HR teams already balancing a lot on their plates. Plus, fluidity and growth in the compliance industry over the past few years have added some complex obstacles.

Reporting requirements are likely to keep shifting. The more aware you are of changing regulations, the better prepared you will be to meet the uncertainty of maintaining health and safety in the workplace.

Meeting Regulations Around Employee Health and Safety

There are no two ways about it: Being compliant in the workplace is a must for companies that don’t want to welcome risk. For starters, companies that don’t adequately or accurately report workplace incidents could incur financial penalties from regulatory bodies or have legal action taken against them. What’s more, the public could form the opinion that your company doesn’t protect its most valued assets: employees.

Being prepared to confront the evolving nature of health and safety concerns can put you at ease when an unfortunate incident does occur. But how should you go about it practically? These three elements should be part of your action plan to maintain health and safety in the workplace:

1. Make record-keeping a habit.

Employee health and safety is something no company can afford not to prioritize. If a workplace incident or mishap occurs, you shouldn’t wait to report or record it.

Getting proactive about record-keeping will save you a lot of time and stress when reporting to the Occupational Safety and Health Association, or OSHA. Track recordable incidents throughout the year and always maintain an accurate count of all information required for the OSHA log. This information can include injury information (e.g., date, body part, location), restricted days, lost time, the annual average number of employees, and their total hours worked.


This data can be complicated and time-consuming to gather in one fell swoop, so establish a practice of thoroughly documenting every injury, incident, and safety audit as it occurs. Doing so will also put troves of insightful safety data in your hands. For example, suppose the numbers tell you that the most common injury in your organization is lower back pain. In that case, you could introduce preventive measures, such as mandatory lunchtime stretching periods or weight limits on packages. The more informed you stay on injury occurrences, the more proactive and supportive you can be about employee safety.

2. Work to reduce employee injuries.

The safest way to make OSHA reporting more efficient is to have fewer employee injuries. Easier said than done, sure, but if you and your team dedicate time to preventing injuries, you might be surprised at the difference. 

Start by removing any unnecessary hazards from your workplace. Then, try scheduling regular check-ins with your employees and taking note of their safety concerns. These conversations can help you shine a spotlight on hazards you haven’t even considered.

That said, actively trying to avoid on-site injuries doesn’t guarantee they won’t happen. A business that works with any risk will have a run-in with OSHA at some point. If you’re unlucky enough to have to report a fatality, serious incident, or complaint against your business, OSHA will reach out to you for additional information.

When it does, you want to be ready to comply with the OSHA reporting requirements. Be prepared to present a record of all nonminor injuries, copies of the safety training provided to employees, and hazard assessments. These documentations also serve to educate your team continuously about safety trends.

3. Categorize staff logs.

When your company diligently maintains accurate safety reports, it creates a buffer against legal action. Reports are verifiable and evidential, and they can help make your case if your business faces a lawsuit.

Keeping timely safety reports is especially useful because many lawsuits happen months or even years after an incident. Preserving documents like associate reports, investigation summaries, medical documents, email correspondence, and photographic or video evidence means you can be ready to inform your legal team when ready.

Your HR network might be complicated, especially right now when contingent workforces are trending. When working with different types of employees (e.g., seasonal, part-time, or temporary employees), make it a little easier on yourself by distinguishing among them. If you’re working with a staffing agency, ensure that they have strong safety processes, prioritize associate safety, manage incident documentation, and oversee workers’ compensation claims.

Making compliance reporting more efficient in your workplace will take some time. Once you have a plan in place, reporting activities should be easier and more efficient. 

Maintaining health and safety in the workplace is critical for your business’s survival. Streamlined reporting will help you stay organized and safeguarded from legal action. Prioritizing health and safety is also a necessary investment in the value employees bring to your company. It can lead to fewer accidents and injuries. It can help keep your teams healthy and ready to perform at their best.