Security and risk are important elements when onboarding new employees
Many organisations welcome new employees towards the end of summer. Most companies have good processes in place to receive new hires, familiarise them with the organisation, and ensure that all administrative aspects are in order so that they can start working quickly. However, our experience shows that not all companies are equally adept at making new employees aware of risks, vulnerabilities, and the existing Risk and Vulnerability Analysis and contingency plans.
New employees can pose a risk if they are not adequately informed about risks and vulnerabilities. It cannot be ruled out that certain actors may deliberately try to exploit new employees to gain access to information or other assets. To prevent and reduce the likelihood of unauthorised access, it is essential to have robust and straightforward procedures, thorough training, and, most importantly, a strong security culture where discussing risks and vulnerabilities is encouraged.
It is crucial that all employees have a solid understanding of risk in all domains (physical, digital, etc.) and know how to report incidents if something should occur. Active efforts should be made to create a culture where all employees feel comfortable with asking questions if they are unsure about something or raising concerns if they detect potential risks.
Why not utilise the time right after the vacation period to refresh all employees’ understanding of risk and vulnerability analyses, contingency plans, and procedures? Even those who have been employed for a long time can benefit from reviewing plans and procedures, and such a review will help establish a strong security culture within the organisation.