Taking Responsibility for Cybersecurity
Jeffery Perry shares an article on the problem of cybersecurity and why everyone must make it a priority.
Cybersecurity threats are growing significantly across the business landscape. Not a day goes by without media reports of cyber attacks by bad actors intent on holding businesses hostage to disrupt operations and/or demand major ransom payouts. As such, businesses are increasingly investing in cybersecurity human capital, cybersecurity frameworks, and significant financial capital to wage the cybersecurity battle. Even with these efforts, businesses remain vulnerable due to lapses by people across the enterprise who may create opportunities for cybersecurity breaches. Therefore, cybersecurity must be a priority for everyone across the enterprise, not just for people who work directly in cybersecurity and information technology (IT) functions.
To combat cybersecurity threats and to elevate the issue, many organizations have appointed a Chief Information Security Officer (CISO) and have greatly increased the hiring of cybersecurity professionals to bridge traditional IT functions with management, financial, and operational ecosystems that everyone interacts with daily in the normal course of business. The National Institute of Standards and Technology (NIST) has developed the following framework that is leveraged by cybersecurity professionals and is digestible for non-technical people across any enterprise:
Identify – Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities
Protect – Develop and implement appropriate safeguards to ensure the delivery of critical services
Detect – Develop and implement appropriate activities to identify the occurrence of a cybersecurity event
Respond – Develop and implement appropriate activities to take action regarding a detected cybersecurity incident
Recover – Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident
Key points include:
- The growing cost of cybersecurity
- Securing entry points
- Shared accountability
Read the full article, Cybersecurity Must Be Everyone’s Problem, on LeadMandates.com.