Wednesday, October 16, 2024

Tech News, analysis, updates, comments, reviews

The Cybersecurity Culture

There’s an ever present theme in my discussion about cybersecurity; Cybersecurity should be a culture.

You see, when most people talk or hear about Cybersecurity, they immediately almost associate it to the opposite of hacking. Inasmuch as that has some truth in it, it leaves a lot to be desired.

By definition, it means the practice of deploying people, policies, processes and technologies to protect organizations, their critical systems and sensitive information from digital attacks.

This shows that it is not only a people-problem. It is an entire department in itself. It has procedures, processes, systems and personnel, not to mention specific skills.

What I mean when I say it is a culture, is that it is not a do-once and forget thing. It is a do-and keep doing process. One that keeps changing, sometimes too fast and too quick.

The culture

In an organization, to ensure maximum compliance to security, a security posture has to be developed and embedded to the actual duties of each staff. Every checklist must not be missed or else a breach occurs. And as we know, it only takes a single point for the entire system to be compromised.

Password security, email security, physical security, phishing tests, security policies, are all procedures that once done several times, seem okay and obvious that most employees them repetitive and therefore abandon them.

One way to make them feel non-obstructive is by making them enjoyable, and shuffling activities every time an activity is done.

Once your employees get that they need to change their passwords every 90 days, that they will not open links they don’t trust, etc. it becomes embedded in them. It becomes an identity they can identify with. It becomes a culture. They then can spread this to other people, friends, colleagues, etc. and when your employees are indoctrinated to this culture, your CISO will have an easier time managing your Cybersecurity posture.

It will mean less security incidents, less money on recovery, more efficiency, cleaner reports, increase customer trust. Today, this can hugely benefit fintechs, as they are the ones with the most trust issues right now.

Final thoughts

Cybersecurity is slowly getting the voice it needs in our boardrooms, but still the accountability lies primarily with leaders in IT.

For instance, there’s still an ever growing gap in Cybersecurity professionals globally. Companies are not changing their hiring procedures and requirements, meaning that this is going to go on for a while.

And mind you, companies are now more than ever prone to cyber attacks. This is due to the mass migration to digitization of business processes, having more sophisticated systems and the de-centralization of systems, like the cloud architecture.

Cybersecurity mostly fails because of lack of adequate controls. No organization is 100% secure, and organizations cannot control threats or bad actors. Organizations only control priorities and investments in security readiness.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Get notified whenever we post something new!

spot_img

Migrate to the cloud

Make yourself future-proof by migrating your infrastructure and services to the cloud. Become resilient, efficient and distributed.

Continue reading

The Tor Project + Tails, A Game-Changing Merger for Privacy Advocates

In a significant development for digital privacy enthusiasts, the Tor Project and Tails have merged their operations, uniting two of the most trusted tools in the fight against online surveillance. This merger, announced this month, combines the power of...

Concerns about the ICT Bill 2024 in Kenya

Kenya's tech industry has been a beacon of innovation and growth, thanks in part to a regulatory environment that has allowed startups and innovators to thrive. However, the proposed ICT Bill 2024 raises concerns about the future of this...

AI Overlords are no longer an Internet meme

The AI boom might be slowing down finally, and a few companies have cemented themselves as the go-to defacto owners of the space. OpenAI is leading the race, backed my #Microsoft and Google follows closely behind. Nvidia is the...

Enjoy exclusive discounts

Use the promo code SDBR002 to get amazing discounts to our software development services.