The Importance Of Strengthening Your Organization’s Human Firewall By Involving All Business Levels And Functional Areas.
By Sara Velásquez, Growth Lead, Seccuri
What exactly is cybersecurity? Is it a matter that should only be addressed by people in IT or, as we are seeing today in the industrial domain, the Industrial Internet of things (IIoT)?
All of us who are involved in the practices of cybersecurity are well aware of how important this subject has come to be in the present world, where our daily life in both our organizations and at home are immensely dependent on technology, electronic devices, and the sharing of information.
We have learned through constant news headlines and even our own practical work that cyber threats are becoming increasingly sophisticated and complex, and that they will continue to evolve to become even more threatening and damaging, just as the people behind them keep getting better at their malicious production.
No matter the threats we face, our role in cybersecurity will continue to rely on safeguarding our organizations’ crown jewels (whether these are information, services, or systems). But as we focus on determining the best way to secure these assets, we need to start counting today, more than ever, with the rest of our organization to become part of the cybersecurity army we are today part of. According to CompTIA, the cost of cybercrime has risen 10% in the past year, expecting to cost over $10.5 trillion annually by 2025. What’s worse, we currently face a cybersecurity talent workforce gap of 3.4M people… In case you are wondering what these indicators translate into, try guessing whether they might indicate the lack of professionals in cyber supporting our inhouse organizational efforts, or even possible burnouts from the amount of work we’ll be tackling in our day-to-day basis, as a result of more complex cyber threats but the same – or even less members in our cybersecurity workforce (as we have been seeing big companies such as Amazon conducting major layoffs).
Whichever case it might be, having the rest of our organization jump on board in our cybersecurity matters seems to be one of the best strategies to tackle these challenges. To do so, building a cyber awareness culture throughout our entire organization becomes critical. Training all business levels, from C-Level executives and Board Members to our colleagues in other functional areas (such as Finance, HHRR, Marketing and Operations) on topics such as cybersecurity fundamentals, and keeping them constantly aware of not only the cyber threats the organization is most susceptible to face, but also the mitigation and defensive actions that must be taken each time, are some of the key points that must be addressed to build this cyber awareness culture.
All people in our organization need to be aware of which are their responsibilities when it comes to cybersecurity, and actively own up to them. Yes, working directly in our IT or cybersecurity teams means being part of the first line of defense, but remember there exists a about a 95% of becoming victim of a cyber-attack due to human error. Today, 52% of global company employees still work remotely, of which 80% have claimed to have encountered more cyber threats. What’s more, about 76% of worldwide employees are having inappropriate access to sensible information. There’s for sure work to be done on better defining access controls, but making sure everyone knows what the best practices are for information management is a fine measure to prevent cyber-attacks from materializing or at least having an enormous impact on our operations.
People at our organization need to know the risks associated with sharing information with third party entities (including all those that directly and indirectly involved in our supply chain), keep a record of best practices for rutinary activities such as safe password management, ensuring secure remote work, and safely using online applications (such as email and collaborative apps such as Google Drive or Zoom).
Keeping our entire organization updated on the latest cyber risks and cybersecurity trends, and making sure this information is clear and easy to be assimilated by any other team (regardless of their nature) will for sure enable your organization to have a strong human firewall that relies not only on IT and cybersecurity teams, but on every single individual who makes up the entire organizational ecosystem.
Cybersecurity is a matter that should be addressed by everyone, not only us!
About the Author
Sara Velásquez is part of Seccuri, the Global Cybersecurity Talent Platform, where she works as a Growth Lead helping cybersecurity professionals upscale their career paths through job opportunities and training. By focusing on closing the cybersecurity talent gap that exists worldwide, she helps companies find the professionals they require and supports the growth of the cybersecurity talent pool.
Sara can be reached online at firstname.lastname@example.org and at our company website https://www.seccuri.com/