BLUFHaving a 'no blame' culture can promote honesty and make it more likely that people will report potential security threats.
Organisations face daily cyberthreats as criminals attempt to breach networks to gain usernames and passwords or even prepare for
a malware or ransomware attack. This article makes the following points:
If an employee clicks a phishing link or has fallen victim to a cyberattack and knows they won't get into trouble if they report it, they are far more likely to report the attack.
An IT department wants to know if somebody has clicked a malicious link to give them time to manage the incident.
Organisations need as much information as possible about what is going on in the organisation's cyber environment.
If an organisation does not know that malicious activity is occurring within its system, then that might allow hackers enough time to initiate a significant cyberattack.
Employees must feel comfortable about reporting potential incidents to help the organisation stay safe from cyberattacks.
Jan 2021 ABC News Are Australians at a 'turning point' on cybersecurity or still unprepared?
Mar 2021 Business How to protect your business from cyber threats
Jul 2021 Australian Government Protect yourself against cybercrime