The title of a new webinar from a publishing company focused on banks says it all: “Social Engineering – human beings as risk factor”. In this particular instance, it is referring to cyber crime and the webinar is all about how to avoid staff being manipulated into lowering firewalls and making the institution vulnerable.
But let’s look at the larger implication of this: basically, no matter how well “controlled” or managed staff is, how good the processes and policies are or even the incentives for “smart working”, there is a strong residual risk that some staff members will inadvertently – or even intentionally – subvert protective systems and open the organization to criminal energy.
And why would staff do this? Well, an alarming finding by the Gallup Organization, which tracks such issues, is that 34% of US employees are actively “engaged” (defined as the extent to which employees feel passionate about their jobs, are committed to the organization, and put discretionary effort into their work), whereas 35% of managers in the US are engaged. In Germany, the level for employees is less than half of even that low bar.
So what can be done? How can a business owner protect the business from fraud and worse? This is where a reflection on individual initiative + responsibility, ownership + authority and self-determination comes into the picture.
But in order to address issues in these areas, one must first have an overview of what is going on in the organization from a human capital perspective. Our self-assessment, to be launched shortly, provides you with a current picture of the resilience and human risk factors in your company or organization, as well as recommendations for specific remedial actions.
Once you know what you have to do, you as a business owner can take the next steps!
