On October 11, 2022, HAWK Advisers hosted a seminar where Robert Garbee, Founder of Roanoke InfoSec Exchange (RISE) and Neely R. Conner, Director of Carilion’s Employee Assistance Program helped us storm Area 51, discussing the topics of Cyber Security and Mental Wellbeing in the Workplace.

We polled over 300 employers, requesting them to rank their top 10 “unidentified risks” that they believed were invading their operations and their bottom line, cyber security and mental health came back as the top two concerns. A study from The Standard conducted during the pandemic found that 65% of employees reported losing 10% of their productivity per week due to mental health (up from 58% pre-pandemic). With the increase of employees working from home, supply chain shortages, e-commerce and travel, this created the perfect catalyst for cyber threats. A new report shows that small businesses are actually three times more likely to be targeted by cybercriminals than larger companies.

We invited the experts to share their insight on these two topics, here are the 10 takeaways from our recent seminar:

1. It is good practice to not use a simple/easy password for any account login, whether that password is being used for your bank account, Facebook or a software that you use at work. This is your sign from the universe that if your password is winter123, it’s time to change it. A 15-character password is highly recommended. Think of a phrase or song lyric that only you would know (i.e. Its@greatday4!nsurance)

2. As a good portion of the workforce is now remote or at least in a hybrid setting, not having good security practices in place can put employers at risk for data breaches. Making sure you are patching remote systems and providing extensive training to your employees can help mitigate a lot of risk. Say YES to those Windows updates!

3. Be mindful of the sites you visit. Double check URLs – check for HTTPS – this is HTTP with encryption and verification making it far more secure than HTTP. Use a website checker such as https://urlscan.io.

4. It may seem like a fun activity to participate in Facebook quizzes that require personal answers to questions like: “What is your favorite food? What hospital were you born in? What was your first pet’s name?” Ironically, these questions are the same questions that you might have to answer as a security question on a website. If these answers are readily available on your social media accounts, your chances of getting hacked significantly increase.

5. Cyber criminals are targeting smaller companies. You don’t have to be a Google, Netflix or Tesla to be at risk. If you are taking payments or storing sensitive information, you are at risk.

6. It is important for employers to build rapport with their employees. A good practice is to start meetings with a fun activity or silly question such as “what’s your preferred jelly on a PB&J” to help encourage conversation among team members.

7. The effects from the COVID pandemic will have a long-term detrimental effect on employee’s mental health, maybe even more so than recent tragedies like 9-11 and the VA Tech shooting.

8. A 2021 Harris Poll shows that 84% of adults have prolonged stress, 67% of adults state that the number of issues America is facing is overwhelming to them and the most common emotions included anxiety (47%), sadness (44%) and anger (39%).

9. Employers are encouraged to provide training to their managers and supervisors on recognizing when employees may be struggling with mental health or substance abuse and to encourage them to seek help from company resources like their Employee Assistance Program.

10. Since attracting and retaining employees has become an issue for employers no matter the industry, it is recommended that employers make room for recovery programs within their “Drug Free Workplace Policy & Procedure” and if you do not currently have a “Violence Risk Policy & Procedure” at your organization, it can be helpful to implement one.