In a recent podcast from England Rugby Union coach Eddie Jones, he made reference to the adage about trying to be “world-class at things that require zero effort.”    

Relating that adage to the work environment, people can become world-class in some ways that require ‘zero effort’:

  • Being on time for online meetings  
  • Paying attention during meetings
  • Looking at the person you’re speaking to instead of looking at your phone
  • Being polite
  • Tidying up after yourself when you leave a desk

Most people know about cyber hygiene best practices, but they often ignore them. The question is, how do we make people become world-class at them? That way, they become zero-effort activities people include in work and personal online lives.

Breaking Bad Cyber Hygiene Habits

In a Harvard Business Review article, Dante Disparte and Chris Furlow explained how cyber hygiene training can help improve cybersecurity at work. With any cyber threat, “the first and last line of defense is prepared leaders and employees.”

They argue that untrained people are every bit as dangerous as malicious code to the organization. With people being a potential problem for cybersecurity, how do we go about changing that? 

Another key to cybersecurity is fixing your employees’ bad habits. In another Harvard Business Review article, Alex Blau writes: “One lament that echos in information security circles is that we’re not doing enough to deal with cybersecurity’s biggest, most persistent threat — human behavior.”

People will delay or push back tasks that may be critical to cyber hygiene. Blau observes that people will delay updating software and use similar passwords with the excuse that they don’t have time to practice cyber hygiene. As a result, the ‘better time’ to update software and take other cyber hygiene steps may never come along.

Learning to Make Big Changes With Little Effort

Some cyber hygiene best practices include:

The U.K National Cyber Security Centre provides good cyber hygiene advice for individuals and businesses in its 10 Steps to Cyber Security guidance. This advice provides a good understanding of cyber hygiene both at work and at home.   

Cyber Hygiene as a Team 

Can we make adhering to cyber hygiene and best practices something that becomes ‘zero effort’ for all of us? Most people now spend their lives online during work and at home. So, protecting ourselves and the organizations we work for should become second nature

Blau comments that “people have a tendency to look toward other people, especially those who are similar to them, to learn how to act.”

If we demonstrate them to colleagues, friends and family, these zero-effort activities will go a long way toward making the world a safer place. We should all try and become world-class at cyber hygiene. 

More from Risk Management

The Role of Human Resources in Cybersecurity

The human resources (HR) department is an integral part of an organization. They work with all departments with a wider reach than even IT. As a highly visible department, HR can support and improve an organization’s security posture through employee training. Their access to employees at the start of employment is an opportunity to lay a foundation for a culture of risk awareness. HR departments do not typically include cybersecurity risk awareness training with new hire onboarding, but it’s something…

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…

Six Ways to Secure Your Organization on a Smaller Budget

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats with fewer resources — both human and technical. Cobalt’s 2022 The State of Pentesting Report found that 90% of short-staffed teams are struggling to monitor…