Published in the New Hampshire Business Review (9/15/22)

Many business leaders and human resources professionals believe that cyber security is the responsibility of their information technology staff and managed services provider. However, ensuring that employees and their families have appropriate cyber security protection is an employee benefit that benefits employers as well.

Mistakes, lack of awareness, and general vulnerability of employees remains the most significant cyber security risk for most employers. Simply training employees about cyber threats typically fails to reduce that risk sufficiently. To have a truly cyber mature workforce, employers need to engage employees in cyber security. Teaching employees about the threats to themselves and their families, and making personal protection services available to them, is a much better method to engage employees in cyber security.

Training. Cyber security training is not most people’s idea of a good time. However, employees sit up and take notice when trainers talk to them about the prevalence and severity of the cyber threats to themselves personally, including their identities, credit files, financial accounts, personal devices, and home networks. Additionally, explaining that their aging parents and children face these same threats never fails to get employees meaningfully engaged. Employers can then translate that personal engagement into an increased awareness and commitment to the cyber security policies and practices that protect the business.

The following are a few training opportunities that typically motivate employees: (a) taking control of your credit bureau accounts, extinguishing fraudulent or unnecessary credit, and freezing or locking your credit; (b) obtaining identity, credit, and financial crime protection for yourself and your family; (c) ensuring that your personal financial accounts are secure from theft; (d) hardening your home network and online accounts; and (e) ensuring the online safety of yourself and your family members.

To read more click here.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Cameron Shilling

Cameron is a director in the Litigation Department, and chair of our Cybersecurity and Privacy Group.  In his 20 plus years as a lawyer, Cameron has managed, litigated and resolved numerous commercial matters involving data security, technology, business, and employment issues in New…

Cameron is a director in the Litigation Department, and chair of our Cybersecurity and Privacy Group.  In his 20 plus years as a lawyer, Cameron has managed, litigated and resolved numerous commercial matters involving data security, technology, business, and employment issues in New Hampshire, Massachusetts, New England, and around the country.  His education and depth of legal experience, as well as his professional interests and passions, are strengths that Cameron leverages to provide the highest quality counseling and litigation services to clients.

Combining his business, technology and employment interests, Cameron has developed a depth and breadth of experience in privacy and data security.  His résumé includes managing numerous data security audits, preparing and implementing written security policies, training executives, managers, and employees in data security, auditing, preparing and implementing data security agreements with vendors and business associates, addressing a wide variety of day-to-day security issues, and investigating and remediating many security breaches.  Cameron has dealt with these issues under a range of state and federal laws, including the Gramm-Leach-Bliley Act (GLB), Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), Securities and Exchange Commission (SEC) regulations, Fair Credit Reporting Act (FCRA), Fair and Accurate Credit Transactions Act (FACTA), the Massachusetts and California data security regulations, and a number of other state data security and breach notification laws.

Data privacy is another focus of Cameron’s practice, including creating and implementing privacy policies, terms of use agreements, information use and social media policies, advising clients about workplace privacy, social media, and consumer privacy, and handling data privacy claims asserted against companies.  He has dealt with these issues under numerous applicable laws, including the Child Online Privacy Protection Act (COPPA), United States and Canadian CAN-SPAM and anti-spam laws, Electronic Communications Privacy Act (ECPA), Stored Communications Act (SCA), Computer Fraud and Abuse Act (CFAA), Federal Trade Commission Act (FTC Act), Massachusetts privacy act, California Online Privacy Protection Art (CalOPPA), state wiretap laws, and a variety of other state and federal privacy laws.

Cam can be reached at cameron.shilling@mclane.com. His direct dial is 603-628-1351, and his cell phone is 603-289-6806.