It is also important to mention the responsibility of employees as they are crucial assets to your organization.
With that said, due to our nature, we are prone to committing mistakes. Threat actors know this very well, taking advantage via social engineering to breach enterprise IT systems.
One door that's held open to the wrong person can result in losses of valuable data worth millions of dollars, compromising your clients or consumers, and damaging the reputation of your organization.
Therefore, it is very important to train your employees to know the different physical security controls your company is using, the steps they should take if they spot a suspicious stranger, and how to efficiently respond to an ongoing attack (the physical security plan serves as a decent base for your employees).
Unfortunately, many organizations overlook physical security and its importance to protect against data breaches. Due to the latter, the number of human mistakes has grown, and researchers consider employee negligence as a significant risk to the security of valuable assets.
According to a 2019 report by the Ponemon Institute and Shred-It, 71% of the breaches in the healthcare sector were due to either the loss or theft of electronics devices or paper documents.
While an increased focus on email and phone call phishing training has grown over the years, security regarding our buildings, devices, and physical awareness should not be forgotten.