Skip to main content
  • Foundation
  • Executive network
  • CEO Circle
  • SHRM Business
  • Linkage Logo
  • Store
  • Sign In
  • Account
    • My Account
    • Logout
  • Global
    • Global
    • India
    • MENA
SHRM
About
Book a Speaker
Join Today
Renew
Rejoin Now
Renew
  • Membership
  • Certification
    Certification

    Smiling asian student studying in library with laptop books doing online research for coursework, making notes for essay homework assignment, online education e-learning concept
    Get Certified!

    Be recognized as an HR leader with your SHRM-CP or SHRM-SCP credential.

    • How to Get Certified

      Demonstrate your ability to apply HR principles to real-life situations. No other HR certification compares.

      • How to Get Certified
      • Eligibility Criteria
      • Exam Details and Fees
      • SHRM-CP
      • SHRM-SCP
      • Which Certification is Best for Me
      • Certification FAQs
    • Prepare for the Exam

      Give yourself the best chance to pass your SHRM certification exam.

      • Exam Preparation
      • SHRM BASK
      • SHRM Learning System
      • Instructor-Led Learning
      • Self-Study
      • Study Aids & Add-ons
    • Recertification

      Recertify your SHRM Credentials before your end date!

      • Specialty Credentials
      • Qualifications
      Certification Portal
  • Topics & Tools
    Topics & Tools

    Stay up to date with workplace news and leverage our vast library of resources to streamline day-to-day HR tasks.

    The white house in washington, dc.
    Executive Order Impact Zone

    Do not abandon, but evaluate and evolve. It is about legal, equal opportunity for all.

    • News & Trends

      Follow breaking news and emerging workplace trends.

      Legal & Compliance

      Stay informed on workplace legal updates and their impacts.

      From the Workplace

      Explore diverse perspectives from your peers on today's workplaces.

      Flagships

      Get curated collections of podcasts, videos, articles, and more produced by SHRM.

    • HR Topics
      • AI in the Workplace
      • Civility at Work
      • Compensation & Benefits
      • Inclusion & Diversity
      • Talent Acquisition
      • Workplace Technology
      • Workplace Violence Prevention
      SEE ALL
      SHRM Research
    • Tools & Samples

      Access member resources and tools to streamline HR tasks.

      • Forms & Checklists
      • How-To Guides
      • Interactive Tools
      • Job Descriptions
      • Policies
      • Toolkits
      SEE ALL
      Ask an Advisor
  • Events & Education
    Events & Education

    SHRM25 in San Diego, June 29 - July 2, 2025
    Join us for SHRM25 in San Diego

    Register for the World’s Largest HR Conference being held on June 29 - July 2, 2025

    • Events
      • SHRM25
      • The AI+HI Project 2025
      • INCLUSION 2025
      • Talent 2026
      • Linkage Institute 2025
      SEE ALL
      Webinars
    • Educational Programs

      Designed and delivered by HR experts to empower you with the knowledge and tools you need to drive lasting change in the workplace.

      Specialty Credentials

      Demonstrate targeted competence and enhance credibility among peers and employers.

      Qualifications

      Gain a deeper understanding and develop critical skills.

    • Team Training & Development

      Customized training programs unique to your organization’s needs.

  • Business Solutions
  • Advocacy
    Advocacy

    Make your voice heard on public policy issues impacting the workplace.

    Advocacy
    SHRM's President & CEO testifies to Congress on "The State of American Education"
    • Policy Areas
      • Workforce Development
      • Workplace Inclusion
      • Workplace Flexibility & Leave
      • Workplace Governance
      • Workplace Health Care
      • Workplace Immigration
      State Affairs

      SHRM advances policy solutions in state legislatures nationwide.

      Global Policy

      SHRM is the go-to for global HR leaders and businesses on workplace matters.

    • Advocacy Team (A-Team)

      SHRM’s A-Team is a key member benefit, giving you the tools, insights, and opportunities to shape workplace policy and drive real impact.

      Take Action

      Urge lawmakers to support policies that create lasting, positive change.

      Advocacy & Legislative Resources

      Access SHRM’s curated policy materials and content.

    • SHRM-Led Coalitions
      • Generation Cares
      • The Section 127 Coalition
      • Learn More & Partner with SHRM Government Affairs
  • Community
    Community

    Woman raising hand in group
    Find a SHRM Chapter

    Easily find a local professional or student chapter in your area.

    • Chapters

      Find local connections from over 607 chapters and state councils and create your personalized HR network.

      SHRM Connect

      Post polls, get crowdsourced answers to your questions and network with other HR professionals online.

      SHRM Northern California

      Join SHRM members in the greater San Francisco Bay area for local events and networking.

    • Membership Councils

      Learn about SHRM's five regional councils and the Membership Advisory Council (MAC).

      • Membership Advisory Council
      • Regional Councils
    • Volunteers

      Learn about volunteer opportunities with SHRM.

      • Volunteer Leader Resource Center
Close
  • Membership
  • Certification
    back
    Certification
    Smiling asian student studying in library with laptop books doing online research for coursework, making notes for essay homework assignment, online education e-learning concept
    Get Certified!

    Be recognized as an HR leader with your SHRM-CP or SHRM-SCP credential.

    • How to Get Certified

      Demonstrate your ability to apply HR principles to real-life situations. No other HR certification compares.

      • How to Get Certified
      • Eligibility Criteria
      • Exam Details and Fees
      • SHRM-CP
      • SHRM-SCP
      • Which Certification is Best for Me
      • Certification FAQs
    • Prepare for the Exam

      Give yourself the best chance to pass your SHRM certification exam.

      • Exam Preparation
      • SHRM BASK
      • SHRM Learning System
      • Instructor-Led Learning
      • Self-Study
      • Study Aids & Add-ons
    • Recertification

      Recertify your SHRM Credentials before your end date!

      • Specialty Credentials
      • Qualifications
      Certification Portal
  • Topics & Tools
    back
    Topics & Tools

    Stay up to date with workplace news and leverage our vast library of resources to streamline day-to-day HR tasks.

    The white house in washington, dc.
    Executive Order Impact Zone

    Do not abandon, but evaluate and evolve. It is about legal, equal opportunity for all.

    • News & Trends

      Follow breaking news and emerging workplace trends.

      Legal & Compliance

      Stay informed on workplace legal updates and their impacts.

      From the Workplace

      Explore diverse perspectives from your peers on today's workplaces.

      Flagships

      Get curated collections of podcasts, videos, articles, and more produced by SHRM.

    • HR Topics
      • AI in the Workplace
      • Civility at Work
      • Compensation & Benefits
      • Inclusion & Diversity
      • Talent Acquisition
      • Workplace Technology
      • Workplace Violence Prevention
      SEE ALL
      SHRM Research
    • Tools & Samples

      Access member resources and tools to streamline HR tasks.

      • Forms & Checklists
      • How-To Guides
      • Interactive Tools
      • Job Descriptions
      • Policies
      • Toolkits
      SEE ALL
      Ask an Advisor
  • Events & Education
    back
    Events & Education
    SHRM25 in San Diego, June 29 - July 2, 2025
    Join us for SHRM25 in San Diego

    Register for the World’s Largest HR Conference being held on June 29 - July 2, 2025

    • Events
      • SHRM25
      • The AI+HI Project 2025
      • INCLUSION 2025
      • Talent 2026
      • Linkage Institute 2025
      SEE ALL
      Webinars
    • Educational Programs

      Designed and delivered by HR experts to empower you with the knowledge and tools you need to drive lasting change in the workplace.

      Specialty Credentials

      Demonstrate targeted competence and enhance credibility among peers and employers.

      Qualifications

      Gain a deeper understanding and develop critical skills.

    • Team Training & Development

      Customized training programs unique to your organization’s needs.

  • Business Solutions
  • Advocacy
    back
    Advocacy

    Make your voice heard on public policy issues impacting the workplace.

    Advocacy
    SHRM's President & CEO testifies to Congress on "The State of American Education"
    • Policy Areas
      • Workforce Development
      • Workplace Inclusion
      • Workplace Flexibility & Leave
      • Workplace Governance
      • Workplace Health Care
      • Workplace Immigration
      State Affairs

      SHRM advances policy solutions in state legislatures nationwide.

      Global Policy

      SHRM is the go-to for global HR leaders and businesses on workplace matters.

    • Advocacy Team (A-Team)

      SHRM’s A-Team is a key member benefit, giving you the tools, insights, and opportunities to shape workplace policy and drive real impact.

      Take Action

      Urge lawmakers to support policies that create lasting, positive change.

      Advocacy & Legislative Resources

      Access SHRM’s curated policy materials and content.

    • SHRM-Led Coalitions
      • Generation Cares
      • The Section 127 Coalition
      • Learn More & Partner with SHRM Government Affairs
  • Community
    back
    Community
    Woman raising hand in group
    Find a SHRM Chapter

    Easily find a local professional or student chapter in your area.

    • Chapters

      Find local connections from over 607 chapters and state councils and create your personalized HR network.

      SHRM Connect

      Post polls, get crowdsourced answers to your questions and network with other HR professionals online.

      SHRM Northern California

      Join SHRM members in the greater San Francisco Bay area for local events and networking.

    • Membership Councils

      Learn about SHRM's five regional councils and the Membership Advisory Council (MAC).

      • Membership Advisory Council
      • Regional Councils
    • Volunteers

      Learn about volunteer opportunities with SHRM.

      • Volunteer Leader Resource Center
Join Today
Renew
Rejoin Now
Renew
  • Store
    • Global
    • India
    • MENA
  • About
  • Book a Speaker
  • Foundation
  • Executive network
  • CEO Circle
  • SHRM Business
  • Linkage Logo
SHRM
Sign In
  • Account
    • My Account
    • Logout
Close

  1. Topics & Tools
  2. Workplace News & Trends
  3. 13 Ways to Reduce Cyberattack Vulnerability
Share
  • Linked In
  • Facebook
  • Twitter
  • Email

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus convallis sem tellus, vitae egestas felis vestibule ut.


Error message details.

Copy button
Reuse Permissions

Request permission to republish or redistribute SHRM content and materials.


Learn More
News

13 Ways to Reduce Cyberattack Vulnerability

July 10, 2018 | Dinah Wisenberg Brin

Two people working on computers in an office.


​Cybercriminals consider small businesses a "target of choice," and a vast number of owners may be leaving their websites and companies unnecessarily vulnerable to attack, a new report suggests. Training employees on sound cybersecurity practices is an integral part of protecting a business, experts note.

In a recent survey of 250 website owners, cloud-based security firm SiteLock found that 59 percent are responsible for their own website upkeep but only 41 percent update website applications at least once a month. Experts consider software updates vital to protecting computer systems.

Among other survey findings: Of owners who had experienced a security incident, 24 percent reported that it damaged their business reputation while more than 35 percent reported that it endangered their bottom line.

"This may leave businesses with websites vulnerable to a variety of cyberattacks. It also begs the question, what other cybersecurity vulnerabilities are being left exposed? All too often, one of the weak links in the cybersecurity chain for corporations is employee awareness," said SiteLock product marketing specialist Jessica Ortega.

[SHRM members-only online discussion platform: SHRM Connect]

Even though Millennials represent one-third of small-business owners, that generation's digital nimbleness doesn't make their websites more secure, according to SiteLock.

Ortega and other experts offered suggestions for making employees more aware and companies more cybersecure:

  1. Make sure remote workers use a virtual private network, or VPN, rather than public Wi-Fi. "Many employees and contractors work from coffee shops and libraries as needed, to make use of their public Wi-Fi. However, public Wi-Fi can put internal company data at higher risk," Ortega said. A VPN connection ensures that communications are encrypted, preventing cybercriminals from intercepting them.
  2. Require strong passwords and good password habits. "A strong password is your first line of defense against attackers attempting to gain unauthorized access to your data," Ortega said. Passwords should be at least eight to 12 characters long, include letters and numbers, and should not contain commonly used words such as "admin" or your username, she said. She also recommended using a password manager to store randomly generated passwords, never reusing a password and choosing a unique password for each account to prevent hackers from using one password to breach more than one account.
  3. Urge caution before clicking. Most data breaches arise from social engineering and phishing malware attacks, Ortega noted. Phishing files disguised as shopping or banking apps, deployed to steal login or credit card credentials, represented 11 percent of malicious files cleaned from infected sites in the first quarter of 2018, according to SiteLock, which studied more than 10 million websites. "When entering your password for an account, always verify in your browser that the website you're visiting is indeed the site you intended to enter this information on," Ortega said, noting that experts also warn against clicking links in e-mails to authenticate any account. Instead, enter the URL for the company that holds your account directly into your browser, she advised. National Cyber Security Alliance Executive Director Russ Schrader similarly said workers should be trained to recognize spam and taught that opening links from unsafe sites can expose the whole company to a virus. Make sure e-mails can't be used for sending spam and consider blacklisting and whitelisting websites, Schrader said. "There are third-party providers who can help companies implement these security measures."
  4. Warn employees about the dangers of oversharing. SiteLock cautions against sharing too much information through social media, steering clear of surveys that ask for "seemingly innocuous" information, like a pet's name or a first concert, that cybercriminals can use to access accounts.
  5. Limit employee access to company data. "It starts with access—knowing who can have access to which of the company's data, e-mail, websites, et cetera," Schrader said. "When onboarding, HR should collect the profile of an employee, including what that person's job description is and what they will have access to. You need to ensure that your systems are safe and secure and that an employee who is not authorized to access the company's financial data can't take that data and send it elsewhere."
  6. Track all devices. HR needs to log each device that every employee has and be able to map each one to a person, Schrader said. "It should also be clear who in management can log in remotely to turn off any device they think is being misused."
  7. Limit personal use of work devices. Workers must know that a work device is meant for work and that they shouldn't store personal passwords or photos on the devices, as that information can be viewed by an employer or lost if the device goes missing, Schrader said.
  8. Encourage employees to quickly report their cybermistakes. "Thank an employee who admits she clicked a bad link or opened an attachment she shouldn't have. IT needs to know about these things as soon as possible," said employment attorney and HR consultant Kate Bischoff, SHRM-SCP, of tHRive Law & Consulting LLC. "If you punish her, no employee is going to come forward when they do the same thing. This allows the issue to grow and possibly affect the whole organization."
  9. Require two-factor authentication to log in to company systems.
  10. Train employees regularly. Training should be part of onboarding and should take place annually or semiannually, Schrader said. Guidelines should be readily accessible on the company's internal website, he said.
  11. Make cybersecurity part of offboarding. "If you're going to do a layoff or a planned termination, have the tech people lined up and ready to go immediately after termination should a disgruntled employee try to retaliate through a cyberbreach," Schrader advised.
  12. Use artificial intelligence-based security monitoring to find irregularities. "These systems can identify weaknesses, even down to unusual activity of a single employee," Bischoff said.
  13. Consider cyberinsurance. Small businesses should have it, but even if they don't, many policy applications have a checklist of what you need to do to secure data, Schrader said.

The National Cyber Security Alliance's CyberSecure My Business program includes resources to help small businesses better protect data.

Dinah Wisenberg Brin is a freelance writer in Philadelphia, covering workplace issues, entrepreneurship and small business, health care, logistics, and personal finance.

Risk Management
Technology
Workplace Security

Artificial Intelligence in the Workplace

​An organization run by AI is not a futuristic concept. Such technology is already a part of many workplaces and will continue to shape the labor market and HR. Here's how employers and employees can successfully manage generative AI and other AI-powered systems.



Related Content

Kelly Dobbs Bunting speaks onstage at SHRM24
(opens in a new tab)
News
Why AI+HI Is Essential to Compliance

HR must always include human intelligence and oversight of AI in decision-making in hiring and firing, a legal expert said at SHRM24. She added that HR can ensure compliance by meeting the strictest AI standards, which will be in Colorado’s upcoming AI law.

(opens in a new tab)
News
A 4-Day Workweek? AI-Fueled Efficiencies Could Make It Happen

The proliferation of artificial intelligence in the workplace, and the ensuing expected increase in productivity and efficiency, could help usher in the four-day workweek, some experts predict.

(opens in a new tab)
News
How One Company Uses Digital Tools to Boost Employee Well-Being

Learn how Marsh McLennan successfully boosts staff well-being with digital tools, improving productivity and work satisfaction for more than 20,000 employees.

HR Daily Newsletter

Stay up to date with the latest HR news, trends, and expert advice each business day.

Success title

Success caption

Manage Subscriptions
  • About SHRM
  • Careers at SHRM
  • Press Room
  • Contact SHRM
  • Book a SHRM Executive Speaker
  • Advertise with Us
  • Partner with Us
  • Copyright & Permissions
  • Post a Job
  • Find an HR Job
Follow Us
  • LinkedIn
  • Facebook
  • Twitter
  • Instagram
  • YouTube
  • SHRM Newsletters
  • Ask An Advisor

© 2025 SHRM. All Rights Reserved

SHRM provides content as a service to its readers and members. It does not offer legal advice, and cannot guarantee the accuracy or suitability of its content for a particular purpose. Disclaimer


  1. Privacy Policy

  2. Terms of Use

  3. Accessibility

Join SHRM for Exclusive Access to Member Content

SHRM Members enjoy unlimited access to articles and exclusive member resources.

Already a member?
Free Article
Limit Reached

Get unlimited access to articles and member-exclusive resources.

You've reached the limit of 1 free article this month. Join to access unlimited articles and member-only resources.

Already a member?
Free Article
Exclusive Executive-Level Content

This content is for the SHRM Executive Network and Executive Content Subscription members only.

You've reached the limit of 1 free article this month. Join the Executive Network and enjoy unlimited content.

Already a member?
Free Article
Exclusive Executive-Level Content

This content is for the SHRM Executive Network and Executive Content Subscription members only.

You've reached the limit of 1 free article this month. Join and enjoy unlimited access to SHRM Executive Network Content.

Already a member?
Unlock Your Career with SHRM Membership

Please enjoy this free resource! Join SHRM for unlimited access to exclusive articles and tools.

Already a member?

Your membership is almost expired! Renew today for unlimited access to member content.

Renew now

Your membership has expired. Renew today for unlimited access to member content.

Renew Now

Your Executive Network membership is nearing its expiration. Renew now to maintain access.

Renew Now

Your membership has expired. Renew your Executive Network benefits today.

Renew Now