Cybersecurity: What Management Assistants Should Know

There's a reason that assistants are considered one of the employee groups most vulnerable to technology breaches in the office. Why? Quite simply, they sit particularly close to the corporate leaders and therefore to the power.

Therefore, it's time for assistants to get more and more involved with these topics, as it clearly belongs to the category of digitalization and the modern workplace. And it's important to stay up to date with these topics.

What is cybersecurity or cyber security?

We haven't been able to get past these terms for quite a while now, and companies have been devoting themselves to this important element for many years when it comes to IT security. Nobody wants to be hacked, neither companies nor individuals.

I'm sure you've heard a lot about cybersecurity breaches. Breaches, hacks or other cyber incidents have occurred in virtually every industry in the world. The scary news, however, is that more are coming and the damage is getting worse.

But what do we mean when we use the term "cybersecurity"? Let's start with a brief concise definition. Cybersecurity is a term for measures (technologies, practices and processes) taken to protect data, networks, programs and hardware from unauthorized access or attack.

Why should you care about cybersecurity breaches?

First, the global financial impact is enormous. Take ransomware attacks, for example. Sometimes, experts also refer to it as encryption Trojans, because the extortion is based on the fact that the data is encoded in an indissoluble way for the user. What is apparent from these alternative titles is how ransomware works: it sneaks into the system and the user is shocked to discover that their computer is locked.

So, ransomware are malicious programs that lock the computer or encrypt data on it. The perpetrators blackmail their victims by making it clear that the screen or data will only be unlocked after a ransom payment.

But these malware programs represent only one aspect of cybercrime. They still cost the global economy an estimated $325 million in 2015. It gets worse, however. It has been projected that the global cost of cybercrime as a whole will reach six trillion (yes, you really need to get this off your chest) by 2021. Anything at that level globally can ultimately impact your workplace and your home.

But what exactly does that mean? Any device can be breached. A hacker has typically been on a company's network for months before the organization detects it. Once a hacker has breached a system, it's much easier for them to re-enter it at a later date. To make matters worse, the tactics of these criminals are constantly evolving and you can throw out stereotypes and any preconceived notions you have about hackers. They can be used by organized crime or a nation state with a chain of command. They can work for data brokers or for activist groups. You don't know who they are or where they are.

Incidentally, more than two and a half years ago, the U.S. government first declared the rising number of cyberattacks on the United States a national emergency. That emergency status remains today, but employees in many workplaces are only vaguely aware of the risks and impacts to their businesses.

Understanding the impact on the business and the need for employee training

Regardless of your industry, cybercrime has a number of implications beyond financial, legal, and operational risks that impact shareholder or stakeholder confidence and customer loyalty. Cybercrime can also impact regulation and reputation.

It is widely recognized that employee behavior poses a cybersecurity risk to organizations. There are reports showing that more than half of all cybersecurity breaches involve current or former employees.

What do you do about it? Simple: training for the entire organization! HR and IT departments play a leading role in providing training. This way, well-trained employees can not only identify risks when they occur, but also play a role in mitigating them.

But cybersecurity should also be high on a management assistant's agenda, as they are considered the employees most vulnerable to technology breaches in an office and among the most at-risk employees in terms of technical breaches.

What might such a technology breach look like? Here are some examples:

• Adware - a form of malware (malicious software); this is software that typically contains and displays unwanted advertising material when you browse the Internet. It is a source of revenue for websites that do not charge user fees.
• Emails and social media - messages may contain links or attachments that you should not open. The classic one is phishing emails.
• Hardware theft - smartphones, iPads, laptops, tablets, etc. Everyone has lost something or knows someone who has lost their cell phone - even company devices.
• Internal cameras or webcams on your hardware - keep those lenses covered when not in use. There's a reason those little stickers exist for just such purposes.
• Malvertising - malicious online advertising. This can appear in ads that are displayed as pop-ups or banners.

The target audience of assistants are generally proactive people. They want to be responsive. Unfortunately, since the role of an assistant is still often undervalued, hackers are one group of people who do not underestimate the role. They recognize that assistants have access to power, which also means access to important information that hackers can use or sell.

But assistants aren't the only vulnerable group, of course; board members and junior IT staff are also popular targets. So be proactive in making sure you're always up to date when it comes to IT security issues. Actively request training, not just for yourself, but for your colleagues as well.  Assistants can be important drivers in these IT projects because they are dealing with a company's most important asset: data.

About the Author:

Diana Brandl is an international speaker, writer, podcast host and former C-Suite EA. A Digital Native, she has worked in the start-up world, where she rediscovered her role as a management assistant with 17 years of professional experience within the New Work generation. She teaches first-hand what it means to work with Millennial Managers and how important storytelling is in sharpening a profile. Diana has spent her career supporting C-Level Executives within global corporations such as Sony, and now supports the role of the management assistant by speaking at international events and publishing various articles focusing on digital transformation, personal branding, strategic networking, mentoring, diversity and social media. Diana was a delegate in the 2018 World Administrators Summit in Frankfurt. In addition to her blog, The Socialista Project, she created The Future Assistant podcast in 2020.