Did you know you can become a cybersecurity mini-pro? Many practitioners handling confidential data (therapists, coaches, psychologists and researchers) that I’ve talked to over time have voiced concern at the risk of the cyberspace to their client data. At the same time they don’t know where to start to upskill their cybersecurity. I’ve also talked to therapists shocked at how they’ve been hacked, seen their data reach the wrong hands, or have been tricked by scams aimed at them.
Good cybersecurity relies on a layered approach to defence – meaning through multiple barriers we make it more difficult for someone to infiltrate our online conversations, our data and systems. Where one layer doesn’t stop someone, another may. The good news is setting up many of these layers can be learnt and easily implemented by practitioners themselves with no difficulty. There are also some extra wins and rewards for you for doing so:
- with layers of defence in place, you're actively trying to keep your clients’ information as safe as possible and striving to live up to confidentiality requirements (hackers don’t follow the codes of ethics that you do!)
- you can add to your business proposition and explain to your clients that you have upskilled in cybersecurity, which reduces the chances of any data breach or impact to your client's data or business
- what you learn for your practice may transfer to your own use of the internet at home, and you’ll be able to show off your impressive, new security abilities to others (family and friends) and help them stay safer online
As practitioners holding confidential data, we need to be confident in our ability to create a trusted, safe environment for our clients and their data. You can look at the cases of Vaastamo and SAM-H online to see the impact of attacks and the fallout for their clients.
Here is a short list of questions – which if you can’t answer, I hope will encourage you to dive deeper into this topic:
- do you know the cyber threats and fraud types most targeted at you?
- what are the technological layers you have in place beyond anti-virus protection
- how are you contracting with clients on cyber risks today?
- have you checked that all apps, software and services you use with clients are secure?
- do you have a response and recovery plan?
- are you deleting all your client data? And on schedule?
One of the reasons fraud, cybercrime and data breaches are impactful is that research has revealed that it’s enough to know that any of your data might be out there in the hands of others, to start the feeling of being a victim of crime.
You’re not alone if you're nervous around the topic of cybersecurity or fraud prevention – however, you can learn this little by little. Have a think about how you can make this important topic part of your CPD this year.