The Employee Voice and its Impact on Digital Security

By now, everyone is familiar with the major talking points surrounding digital security. We know the potential costs of ignoring security issues, as well as many of the steps required to prevent them.

What we talk about less, however, is how the people within an organisation contribute to digital security. Of course, there are the constant hiring issues and discussions surrounding IT security skills shortages, but that isn’t the point of this article. Instead, we are focusing on the individuals outside of your IT department who have a major impact on whether or not your data remains secure.

IT security threats are usually pictured as outside actors, from malware to black hat hackers to corporate espionage. While these threats certainly exist, a huge portion of data breaches involve insiders: the Ponemon Institute’s 2017 Cost of Data Breach Study found that 28 percent of breaches were caused by ‘human error,’ and a substantial portion of the 47 percent of breaches caused by malicious attacks were caused by organisation insiders.

Clearly, these can’t be handled in the same way as outside threats. Typical IT security safeguards won’t stop someone with legitimate access from negligent or malicious action. However, there are steps that can be taken, such as adopting the principle of least privilege, where all user accounts up to and including administrator accounts have the bare minimum access required to do their job. This won’t stop breaches, of course, but it can help minimise damage.

What can go much further than account restrictions is encouraging employees to share issues and concerns, fostering the so-called ‘employee voice.’ Listening openly and uncritically to employee concerns has two primary effects: employees can share concerns about practices or behaviour, highlighting issues before they become problems; and employees will be more inclined to bring up a potential issue with which they have been involved in a prompt manner, allowing a potential breach to be mitigated.

Fundamentally, this vital input will come from employees who feel that they are listened to and their concerns are taken seriously, thereby feeling better about the organisation of which they are a part. If an employee’s concerns are discarded out of hand, they are far less likely to bring up future concerns. If staff are routinely punished for minor issues, it is unlikely that anyone will admit to taking an action that could result in a security breach.

The primary difficulty with fostering an environment which takes the employee voice seriously is that it has to be embraced by the entire organisation. You won’t get anywhere trying to convince individuals that security issues will be taken seriously if all other concerns they raise are ignored, or there are routinely consequences for speaking out.

Clearly, empowering the employee voice isn’t everything and organisations still need to take every precaution to prevent data breaches. It is, however, a piece of the digital security puzzle that can be extremely expensive to ignore, but costs nothing to implement.

Source include: Ponemon 2017 Cost of Data Breach Study / IPA Involve Employee Voice

Latest Jobs

Don't just take our word for it

  • Tom Salvat, CEO, CONCURED
    "As a fast-growing start up, we need great people with a tough set of skills to find. They need to be hungry, experienced and fit the culture of a business that is always adapting and growing. Finding these people using Linkedin and other job boards is tough, time-consuming and rarely bears fruit. Ross has always been able to uncover gems for us, and we are benefiting greatly from his skills at CONCURED. Ross has a rare ability to really understand the business, the culture and the people that will nail the role. I couldn't recommend him highly enough, and he is the only recruiter we deal with"      
    - Tom Salvat, CEO, CONCURED
    Tom Salvat, CEO, CONCURED
  • Tariq Mahmood, Enterprise Sales, Concured AI Content Marketing
    I am writing to express my gratitude to Ross Clifford & Associates who helped me successfully secure the role of Enterprise Sales Executive at Concured. Ross was extremely professional and understood the specifics of the job I required. I especially appreciated his fast response, transparent communication, and coordination in a timely and efficient manner.
    - Tariq Mahmood, Enterprise Sales, Concured AI Content Marketing
    Tariq Mahmood, Enterprise Sales, Concured AI Content Marketing
  • Jessica Cole, Editor – Redwood London.
    Ross is one of the friendliest recruiters I've dealt with. He was always attentive, quick to respond and ready to help with any questions I had. He's very professional, and not at all superficial like so many other recruiters out there. I would highly recommend him.
    - Jessica Cole, Editor – Redwood London.
    Jessica Cole, Editor – Redwood London.
  • Gareth Lofthouse, Founding Partner, Longitude.
    “We look for commercial people with a rare blend of talents. They need to be able to advise our blue-chip clients on thought leadership strategy. They need to be highly strategic and purposeful in uncovering opportunity. And they need the hunger it takes to thrive in a rapidly evolving business. RC&A were quick to understand our needs, they only delivered high-quality people for interview, and succeeded in getting us a winning candidate incredibly fast.”  
    - Gareth Lofthouse, Founding Partner, Longitude.
    Gareth Lofthouse, Founding Partner, Longitude.
  • Johnny Meredith, Senior New Business Manager, The Bio Agency.
    I can't rate or recommend Ross highly enough. He brings a thoughtful, personal approach to the process, carefully matching opportunities with candidates, through a good understanding of their priorities and skills. Throughout, he keeps candidates up to date in an open, honest way. A genuine pleasure to work with.
    - Johnny Meredith, Senior New Business Manager, The Bio Agency.
    Johnny Meredith, Senior New Business Manager, The Bio Agency.
  • Karen Troman, Office Manager & HR Co-ordinator, VoucherCodes.co.uk part of RetailMeNot
    Ross is the best recruitment agent I have worked with, he stayed in contact, kept me informed and was with me every step of the process. He also checked in with me during my first couple of weeks in my new role to make sure I was settling in. I wouldn't hesitate to recommend him.
    - Karen Troman, Office Manager & HR Co-ordinator, VoucherCodes.co.uk part of RetailMeNot
    Karen Troman, Office Manager & HR Co-ordinator, VoucherCodes.co.uk part of RetailMeNot
  • Neil Kettleborough, CRO & Co Founder, Chalk Social
    I have worked with Ross over 4 years now and he has always delivered a really high standard of candidate both at senior and junior level. His online knowledge is second to none and all the candidates he has put forward over the years have only good things to say about Ross and his work ethic.
    - Neil Kettleborough, CRO & Co Founder, Chalk Social
    Neil Kettleborough, CRO & Co Founder, Chalk Social
  • Helen Rosemier, Commercial Director, Professional & Financial Services Practice, Longitude
    Ross is a fantastic recruitment consultant -  extremely professional, meticulous, patient and supportive. Throughout the process, I felt he represented me really well and genuinely cared about my career and finding the right role. Thanks to Ross I am now in a role I love, working with a brilliant team. Very highly recommended!
    - Helen Rosemier, Commercial Director, Professional & Financial Services Practice, Longitude
    Helen Rosemier, Commercial Director, Professional & Financial Services Practice, Longitude

© Ross Clifford Associates. Website by Outlines Design.