How a Near Miss Now Could Cost You Your Business in the Future
Suppose that you are sending sensitive business information to a colleague via email. Just after you click send, you realize that you accidentally sent it to the wrong person with a similar name. You immediately look down and see Google Apps' "Undo" option and avoid a catastrophe. You make a mental note of the near miss and move on with your day.
A few months later, a colleague inadvertently sends an email containing sensitive data to the wrong person. The company is forced to disclose the data breach to regulators and there's a significant fine. You can't help but wonder if internally reporting the near miss that you experienced months ago could have helped avoid the data breach and its consequences.
Near misses are great learning opportunities that shouldn't be ignored by cybersecurity conscious organizations. Let's take a look at how to translate near misses like these into valuable improvements to your cybersecurity.
What Are Near Misses?
Near misses are events that had the potential to cause a cybersecurity incident, but they were caught just in time to prevent it. While it's tempting to chalk them up to a "lucky break" and move on, near misses can be invaluable learning opportunities. A process for reporting and investigating near misses can dramatically cut down on cybersecurity risks.
Some common cybersecurity near misses include:
- An employee reports a stolen laptop that contains sensitive, unencrypted data, but it's later discovered by a janitor that turns it into the IT department.
- The time schedules on an access control system were improperly programmed, unlocking exterior doors before anyone arrived, but an early employee noticed it.
- An employee opens a spear phishing email and is about to reply with sensitive information, but someone walks in and catches the mistake before they click send.
Near misses are frequently reported in the manufacturing industry where workplace safety concerns are paramount. According to some safety experts, there are more than 300 near misses for each serious accident. Organizations that report and investigate near misses can catch potential safety hazards before they result in serious injuries.
It's easy to see how these same processes could help improve cybersecurity. After a data breach occurs, it's easy to look back and see the warning signs, or near misses, that were ignored. A reporting and investigation process could help companies heed these warnings before it's too late and prevent a potentially catastrophic data breach.
How to Report Near Misses
Near miss reporting can be challenging for several reasons. While most employees know how to report a security breach, they may not understand why it's helpful to file a near miss report. They may also be hesitant to share a mistake that they made with others out of embarrassment or fear of punishment — particularly if it had significant consequences.
Download our free Near Miss Report Template that you can use as inspiration for your own reporting processes.
There are several ways to overcome these hurdles:
- Create a safe environment where anyone can openly share their thoughts. Employees shouldn't fear disciplinary action and anonymous reporting processes should be available.
- Employees should understand the value of reporting near misses and that they have a role to play in cybersecurity.
- The reporting process should be simple, quick and easy. Every employee should know how to accomplish it with minimal disruption to their daily work.
- The IT department should thoroughly investigate each near miss, determine the root cause or weakness, take action to remedy it and share their knowledge with others.
- Be proactive after learning of a near miss or incident — employees should be regularly taking cybersecurity awareness training courses to keep up with the newest trends and tricks online.
The near miss reporting process should clearly define roles and responsibilities and provide an easy way for employees to disclose incidents with minimal interruption. For example, you may want to appoint a specific person to collect reports and ensure that they're followed up with throughout the appropriate channels, from data collection to solution implementation.
For example, suppose that an employee nearly loses a laptop containing sensitive data that's unencrypted. The IT person responsible for follow-up may inventory the organization's laptops, audit the security on the operating systems and determine that full system encryption would be appropriate. They would then coordinate with IT to roll out encryption.
Creating a Security Culture
Reporting near misses is just one component of building a security-conscious workplace. Each employee should take responsibility for improving the security of the overall organization by reporting any weaknesses or vulnerabilities, as well as ensuring that their own actions don't introduce security risks (e.g. by using strong passwords).
Don't forget to download our free Near Miss Report Template that you can use as inspiration for your own reporting processes.
There are several ways to promote a security culture:
- Create and maintain cybersecurity policies that enforce best practices, such as password management and secure backups.
- Invest in tools that simplify cybersecurity compliance, such as password managers or active network protection. For example, Jungle Disk provides a cybersecurity suite that covers common network-level risk factors.
- Train employees about cybersecurity best practices during onboarding and during regular working lunches or meetings. For example, Jungle Disk provides efficient, on-demand online training for employees with engaging content and bite-sized training modules that fit into busy schedules.
- Conduct cybersecurity tests to assess network weaknesses, including tests on employees to ensure compliance. Try Jungle Disk's free network security scan to see how secure your network is in just a few minutes!
It's equally important to build adequate IT processes to enhance security. For example, the most security-conscious employees in the world won't prevent a data breach that stems from a router that is configured with the default username and password or outdated firmware. Organizations must have IT-level systems in place to prevent these vulnerabilities.
Jungle Disk provides a comprehensive cybersecurity suite that's designed for businesses with less than 250 employees. With a simple per employee, per month pricing model, the platform provides everything a business needs to be secure, including active network protection, password management, secure data backups and anti-malware and anti-virus support.
The Bottom Line
Near misses are tremendous learning opportunities. By encouraging employees to report them, you can heed lessons from small mistakes to prevent potentially catastrophic data breaches. The key is making the process simple and streamlined while ensuring that there's a point person in charge to translate the feedback into tangible results.
The costs of data breaches are difficult to overestimate. According to Dr. Stephen Haag's Management Information Systems for the Information Age, 43% of major data loss victims immediately go out of businesses and only six percent survive two years. Small businesses and/or businesses operating in regulated industries are especially at risk.