| |||||||||
| |||||||||
Current Filter: Network>>>>>Opinion> Security as a Culture Editorial Type: Opinion Date: 01-2016 Views: 1544 Key Topics: Networking Security Insider Threats Cybercrime Key Companies: IS Decisions Key Products: Key Industries: | |||
| François Amigorena, President and CEO of IS Decisions explains why security awareness is crucial in tackling the insider threat and establishing sustainable and extensible security Each October, European Cyber Security Month (ECSM) delivers five weeks of focused activities, they say to "Promote cyber security among citizens and advocates for change in the perception of cyber-threats." No exception, October 2015 promoted the theme that, 'Cyber Security is a Shared Responsibility', highlighting the fact that cyberspace cannot be secured without the help of all users. The topic for the second week, 'Creating a culture of cybersecurity at work', related closely to what for most organisations is their weakest point - its employees. Many, if not most, security breaches involve internal users, and this is referred to as the insider threat.
INSIDER THREAT The files and folders stored on an organisation's internal network could become a target. Putting security measures in place that will track, monitor and restrict data access and movement is therefore hugely valuable. If there aren't any protocols in place for when a breach happens then it could be too late to recover or even minimise the damage by the time you find out.
PROTECTION Training and software solutions are equally important, but to create a culture of cybersecurity they must work together and not be regarded as separate tools. Most insider threat breaches are down to plain human error, but you don't want your staff to think that the software solutions are there as part of a witch-hunt. It is important to educate them on why the tools are there, how they work and how they can proactively participate in a process that helps to safeguard company information. On the other hand, technology can help with the training process by giving users reminders of policy in situ, for instance if they are trying to login from a new device, and this provides a more engaging way to educate employees. IS Decisions has created an online game to test security awareness and make it fun ( www.isdecisions.com/user-security-awareness-game).
GET CREATIVE As technology evolves, threats will also evolve. Organisations must accept that there is no one-size-fits-all solution, even for regulated industries. Creating a culture of cybersecurity within your organisation and for your employees is paramount to safeguarding your company, including its employee's future, against insider threats. NC | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |