Monday, April 15, 2024

Tech News, analysis, updates, comments, reviews

The Cybersecurity Culture

There’s an ever present theme in my discussion about cybersecurity; Cybersecurity should be a culture.

You see, when most people talk or hear about Cybersecurity, they immediately almost associate it to the opposite of hacking. Inasmuch as that has some truth in it, it leaves a lot to be desired.

By definition, it means the practice of deploying people, policies, processes and technologies to protect organizations, their critical systems and sensitive information from digital attacks.

This shows that it is not only a people-problem. It is an entire department in itself. It has procedures, processes, systems and personnel, not to mention specific skills.

What I mean when I say it is a culture, is that it is not a do-once and forget thing. It is a do-and keep doing process. One that keeps changing, sometimes too fast and too quick.

The culture

In an organization, to ensure maximum compliance to security, a security posture has to be developed and embedded to the actual duties of each staff. Every checklist must not be missed or else a breach occurs. And as we know, it only takes a single point for the entire system to be compromised.

Password security, email security, physical security, phishing tests, security policies, are all procedures that once done several times, seem okay and obvious that most employees them repetitive and therefore abandon them.

One way to make them feel non-obstructive is by making them enjoyable, and shuffling activities every time an activity is done.

Once your employees get that they need to change their passwords every 90 days, that they will not open links they don’t trust, etc. it becomes embedded in them. It becomes an identity they can identify with. It becomes a culture. They then can spread this to other people, friends, colleagues, etc. and when your employees are indoctrinated to this culture, your CISO will have an easier time managing your Cybersecurity posture.

It will mean less security incidents, less money on recovery, more efficiency, cleaner reports, increase customer trust. Today, this can hugely benefit fintechs, as they are the ones with the most trust issues right now.

Final thoughts

Cybersecurity is slowly getting the voice it needs in our boardrooms, but still the accountability lies primarily with leaders in IT.

For instance, there’s still an ever growing gap in Cybersecurity professionals globally. Companies are not changing their hiring procedures and requirements, meaning that this is going to go on for a while.

And mind you, companies are now more than ever prone to cyber attacks. This is due to the mass migration to digitization of business processes, having more sophisticated systems and the de-centralization of systems, like the cloud architecture.

Cybersecurity mostly fails because of lack of adequate controls. No organization is 100% secure, and organizations cannot control threats or bad actors. Organizations only control priorities and investments in security readiness.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Get notified whenever we post something new!

spot_img

Migrate to the cloud

Make yourself future-proof by migrating your infrastructure and services to the cloud. Become resilient, efficient and distributed.

Continue reading

A Rant: Stripping Privacy in This Era

The world has a privacy problem. Everything connected to the Internet (which is almost everything today), is for the taking. Looking around an average person's daily routine, it exposes the enlarging attack surface with each device we purchase, each...

Unveiling the Future: AI Breakthroughs and Their Impact

Welcome to the era where science fiction meets reality – the world of Artificial Intelligence (AI). In this exploration, we embark on a journey through recent AI breakthroughs, uncovering the marvels of advanced image recognition and natural language understanding....

 Navigating the Ethical Landscape of Artificial Intelligence

Introduction Welcome to a critical exploration of the brave new world of Artificial Intelligence (AI), where innovation and ethics intertwine. In this thought-provoking piece, we delve deep into the ethical considerations surrounding AI technologies. From the responsible use of AI...

Enjoy exclusive discounts

Use the promo code SDBR002 to get amazing discounts to our software development services.