Staff training and education are increasingly a strategic tool for companies and professional firms to maintain and change skills over time. This is an important part of a firm’s workforce, and it is an important part of the firm’s workforce.
ICT – Information and Communication Technologies – is today a fundamental tool for the operation and competitiveness of an organization, whether public or private. Whatever the IT infrastructure, its size and characteristics, today it has become an essential element within an activity. And it is right that the people in charge of using this infrastructure are properly trained. This doesn’t mean that we all have to be computer science graduates with PhDs in cyber security; at least some rudimentary knowledge of the subject – other than using a spreadsheet or word processing – should be possessed.
Just think that until a few decades ago, when PCs and especially the Internet were not yet a daily occurrence, technical high schools studied typing, which later evolved into “word processing”: in a nutshell, the art of writing quickly using a typewriter and then a keyboard connected to a PC was taught. In its day, the typewriter was a must-have, a highly advanced tool for performing clerical tasks. The advent of PCs has supplanted this tool and with the arrival of the Internet all boundaries have literally been broken down and more barriers are set to collapse day by day. As fundamental as the use of the WWW is in the work environment, at the same time the issue of protection is not recognized with adequate attention. There is a lack of basic culture, after all, the Internet is a “wonderful world” but it harbors threats that can be recognized and avoided.
An alarm bell (or rather an entire bell tower) should have already rung for many business owners at the time of the devastating cyber attacks that have taken place over the past year. All it takes is one click to see weeks, months, years of work go missing. The key to understanding the value of opting for a security-oriented overview lies in giving simple examples.
- Let’s think about our car: it’s subject to wear and tear, like a PC; it’s subject to factory defects, like a PC; it’s subject to damage caused by third parties or weather events, like a networked PC. For the latter eventuality, we worry about paying for insurance to cover any damage: investing in IT security, including staff training, is just like turning to an insurance company for your car.
- Another example, perhaps even simpler to understand, is that relating to the burglar alarm in our home. In this case we are totally concerned with the protection of malicious actions by third parties, as a hacker would do by taking possession of our information. As in the case of a theft at home, the cyber attack produces not only the loss of data but also economic damage associated with the same loss.
Possessing a certain cyber culture that includes the knowledge of the risks of an “unscrupulous” use of the web allows to adopt behaviors aimed at prevention and protection of the working environment. An extra gear for oneself, for the company and also an eye for attention when managing data of third parties our customers. It’s worth it!