When I was a panellist of a Zoom "inclusive parenting" session as part of my role, I never expected to be subjected to a racial attack. In the first few minutes of our online seminar, we saw things we can't unsee; graphic images that we’d rather not repeat here. The cybercriminals honed in and personally targeted me. I felt exposed, abused and shocked that something like this could happen.
The learning curve that we’ve been on was the inspiration and foundation to our new STOPIT protocol. Alongside Dr Jamie McKeown, I was the driving force behind this change and demand for a person-centred approach. It's a policy that lives and breathes diversity and inclusion in our new online business world.
Since COVID-19 took hold, we’ve been forced to look at the ways in which we interact and do business. Cyber threats and attacks are on the rise. In fact, according to a recent study, a cyber attack happens every 39 seconds. Many organisations are not prepared; the use of safety measures to support their employees online isn’t even on their radar.
Addressing hate hacks and online abuse should be at the top of every employer’s agenda right now. Yes, it might be an uncomfortable conversation, but it's one that needs to take priority. I know from experience that the alternative is much, much worse.
The STOPIT protocol aligns to core company values of diversity, trust, honesty and care. This policy places people at the centre of all business. Our desire is that this is used across every organisation so that it becomes standard everywhere for everyone.
It is simple. We’re using a clear, powerful, step-by-step method to shape the person-centred approach. We want to see implementation across industries as a matter of urgency.
Companies should be demonstrating the core values of their brand, both internally for employees and externally to clients. As an employee, knowing that you are walking into a space that actually cares about your psychological well-being – as well as the results you are expected to bring – is one of the most valuable things an employer can offer.
We asked our industry experts how to stay safe online.
1. Be prepared for the unexpected
"Implement an incident management plan. The Online Security Breaches Survey 2019 showed that just 16% of businesses had protocols or processes in place for dealing with cyber-harms," McKeown says. Having a plan of action in advance has the potential to reduce psychological harm.
2. Make sure your accounts aren’t vulnerable
According to Neil Waugh, chief information officer at M&C Saatchi: "Phishing attempts have increased by over 650% since the beginning of the pandemic. Change your password to a longer password made up of three or four random words or lyrics of a song. Something hard to guess but easy for you to remember. Use a unique password for each site you access and save them to your browser so you don’t always need to remember them."
3. Double your layers of security
Waugh adds: "Turn on two-factor authentication. This process adds an additional layer of security to your online accounts. It requires you to have two things when you log in: your password and a numerical code which is generated by your smartphone. This process ensures that even if a cyber attacker gets your password, they still can’t get into your accounts. Almost all of the sites and services you use will provide this for you and it’s simple and easy to set up." This means that hackers will have one extra step to go through before accessing your accounts.
4. Understand your legal responsibilities
"An employee must take reasonable steps to provide a safe workplace and protect employees from unacceptable behaviour such as bullying or unauthorised interference in work activities," Shilpen Savani, partner of dispute resolution and employment law at Gunnercooke, says.
5. Recognise cyber-harms as part of your HR framework
McKeown suggests: "Treat cyber-harm as a health and safety issue. The impact on individuals can be psychologically crushing. For example, depression, anxiety, shame have frequently been observed in targets of cyber-harms." It’s important to acknowledge the impact of cyber-harm and place it at the heart of your health and safety policy.
6. Live and breathe the policies you implement
Michelle Raymond, HR specialist and founder of The People’s Partner, comments that "any duty of care policy shouldn’t just be a tick-boxing exercise: it should be part of your company values and ethos". Policies should exist off the page and be ingrained in the DNA of your organisation.
7. Be aware of the risks and impact of cyber hate crime
"Ian Wright’s recent online attack saw his perpetrator hand himself in as Ian ensured this attack was visible. Brands have a responsibility to ensure hate does not happen on their platforms," Ged Grebby, chief executive of Show Racism The Red Card, observes.
8. Communication is paramount in a crisis
"It's key for brands to communicate quickly with the facts during a crisis but also acknowledge the impact on the customer. Empathy is key and the tone of voice is everything to establish trust. During a crisis, a brand needs to remember the brand purpose and its values too. This is what the public will look for; how the brand is living their values and how their response mirrors that. Sometimes you have to apologise, say what you're going to do to be better and follow through on that with clear, decisive action," Tamara Littleton, chief executive of The Social Element, explains.
9. Think long term in times of hardship
Littleton comments: "It's also important for a brand to focus on what they want to be remembered for in the future and not in the short term. If the brand has a strong sense of purpose and clear picture of how they want their consumers to view them, this becomes their 'north star' and it helps brands make good decisions in times of trouble." Brands will be remembered, for better or for worse, depending on how they handle crises.
10. Support the target of crime holistically
Sulaiman Khan, founder and chief purpose officer at ThisAbility, says: "Disabled people are often forgotten when it comes to online abuse, yet we are one of the most targeted. Engage and listen to people with disabilities, to ensure they are participating in any solutions concerning their holistic wellbeing in the workplace. Also, it is important that the burden of this type of incident isn't placed on disabled people; they are usually expected to navigate and solve the issue themselves. Treat disabled people as the humans they are too."
Businesses that flourish and have longevity are those that believe, embrace and inject diversity and inclusion at the core of all that they do. In our new online reality, there couldn't be a more important moment to drive this forward.
Lydia Amoah is learning and cross-cultural director at Creative Equals
Find out more about STOPIT here