Question: Should new hires receive cybersecurity training during their initial orientation or after completing a probationary period?

Answer: Training new employees on data protection and cybersecurity should be incorporated into the initial orientation and should continue to be an area of training that is regularly updated in light of constant developments in technology. Each employee, new hire or long-term, has the responsibility to protect company data and must understand how critical data security is to his or her workplace. For example, through adequate cybersecurity training, employees may be taught how to identify threats which could result in the inadvertent or unauthorized release of sensitive, personal, or classified information. Cybersecurity experts recommend that HR and IT departments coordinate efforts to provide ongoing training to all employees on a regular basis.

Training employees at the onset of hire may reduce workplace vulnerability to cyber threats or attacks while educating the workforce with specific policies and procedures to mitigate risk. For example, employees should be instructed to develop complicated passwords that incorporate symbols, numbers, and capital letters to prevent access to company data; on how to recognize phishing and malware attempts; and on securing their laptops and other mobile devices to prevent theft or data loss.