How to make your teams aware of cyber risks?

Today, in a world where everything is digitized, cybercrime is exploding and businesses of all sizes can become the target of a cyberattack, whether it's phishing, ransomware, reputational damage, or espionage. According to the business cybersecurity barometer conducted by CESIN (the Club of Information and Digital Security Experts), 57% of the companies questioned say they had experienced at least one cyberattack in 2020.
On its own, the Covid-19 pandemic has generated a 35% increase in cyber risks, and the resulting generalization of teleworking has caused a 37% increase in cyber risks (again according to the CESIN report). Given that human error is responsible for over 90% of security incidents, it is easier to understand how important and urgent it is for companies to raise awareness among their employees in order to face this growing threat.
While 77% of companies today believe that their employees are aware of cybersecurity, 63% think that they do not apply all the recommendations given. So here are six tips to help you make your teams more aware of cyber risks.
Establishing a cybersecurity culture
To ensure that your employees understand the importance of cybersecurity and the significant impact that a cyber attack can have, you need to integrate IT security and data protection into your company culture.
Businesses of all sizes and sectors need to have a risk culture, that is to say, to know all the risks they may face. Cyber risk must be one of them. In this way, they can implement a comprehensive security strategy to protect their data and reputation, limit threats and reduce their impact.
Involve everyone
As mentioned above, human error is responsible for nine out of ten security incidents. Often, these are well-meaning employees who have been tricked. IT security concerns all departments and functions, from marketing to finance to human resources, because each of your employees can, for example, be a victim of phishing or download a document that they shouldn't have.
You must therefore involve all your employees in cybersecurity, and not only the IT department. Adjust your cybersecurity policy according to their needs, and support them in implementing best practices and eradicating risky behavior. Involving all your employees is an effective way to raise their awareness.
Writing an IT charter
Like the internal regulations, the IT charter is an indispensable document that determines the strict security policy of the organization's information systems. It is part of the role of the Information System Security Manager (CISO) to design and update security frameworks for company personnel, including the IT charter and the Information System Security Policy (PSSI).
The IT charter sets out the rights and obligations concerning the use of the computer system within the company. In particular, it defines the general conditions of use of Internet access, the company's various information networks and its multimedia services. It sets the conditions for employees to access company data and regulates, if necessary, the use of personal equipment (especially when working from home).
Written in a clear and understandable manner, the IT charter informs employees about the tools that are available to them, the uses they can make of them and the data protection rules. It also determines the possible disciplinary sanctions that apply in the event of non-compliance with these rules.
The IT charter must be appended to the company's internal regulations.
Regularly train in best practices
All of your employees must participate in computer security training. This should be based on concrete examples so that your employees better understand the dangers they may face.
The website of the National Information System Security Agency (ANSSI) provides various tools such as the guide to good computer practices and the guide to computer hygiene.
To alert your employees to cyber threats in a more offbeat tone, show them the four films of the Hack Academy, a cybersecurity campaign organized by the Club Informatique des Grandes Entreprises Françaises (CIGREF) in 2015.
It is essential to regularly remind your employees to be vigilant because cybercriminals can strike every day. To do this, communicate by email or via the intranet, reminding them of the various cyber risks, practical advice to protect themselves from them and the procedures to follow in the event of an attack. Promote cyber caution by also providing information on the emergence of new fraudulent practices.
Informing newcomers
When you welcome and integrate a new employee into your company, you must provide them with a welcome booklet that gathers all the information about your organization and how it works. This includes the internal regulations as well as your IT charter.
Make sure that your new hire has read this document by having them sign it when they take up their job.
Organize cyber risk simulation exercises
In order to better raise awareness among your teams about cyber risks and to test the level of security of your infrastructures and networks, you can organize cyberattack simulation exercises. Today, nothing beats training in real conditions to prepare for the multiple cyber threats that await your business.
This type of exercise makes it possible to assess the security measures put in place in your company, to verify the reactions and digital reflexes of your employees, and to learn how to manage potential damage. In the face of cyber threats, the key is to anticipate. With training, you and your teams will develop skills, reflexes and methods that allow you to better react and work effectively together. You will then be ready when a cyber attack occurs.
To help you, do not hesitate to consult the guide entitled "Organize a cyber crisis management exercise" from ANSSI.
To conclude
Follow these six tips to make your employees aware of cyber risks. It is a permanent and long-term mission. You must constantly be vigilant, find ways to improve your cybersecurity and correct your weak points, and train your employees because cybercriminals never stop.



