Organizational Culture Enhances Cyber Security
Every week, both public and private sector organizations face new cyber security threats. Those who wish to bring down information technology (IT) systems, whether against Government agencies or major corporations, possess the skills and persistence necessary to do so.
One thing is clear: the traditional safeguards to our IT infrastructure and systems are becoming less effective.
Cyber crime is problematic in that it remains a permanent danger that is characterized by constantly changing actors, threats, and techniques. The evolving threats that organizations face today must be met by an enterprise-wide culture that emphasizes training and awareness programs, repeatable processes for preemptively identifying threats, and environments that encourage the reporting of suspicious activity.
The financial benefits that arise from comprehensive training and awareness programs are sufficiently compelling on their own. For example, companies without security training for new hires average $683,000 in losses from cyber security incidents, while those that have training programs average about $162,000 in losses. These programs focus on bottom-up approaches to identifying and reacting to potential cyber security threats at a time in which systems are susceptible to breaches at any level of an organization.
Organizations must focus on processes and established criteria that identify potential threats before they manifest themselves, and distribute this information across their workforces. For example, the Federal Bureau of Investigation’s insider threat guide lists personal and organizational factors as well as behavioral indicators of individuals who may wish to wreak havoc on IT systems. Enterprise-wide processes and standards make cyber security a possibility. Organizational culture makes it a priority.
Cyber security isn’t exclusively an IT issue; it is a business issue. The environments that leaders and executives build through their management style and communication techniques should cultivate an awareness of cyber security issues. Cyber security is an ongoing challenge, and requires more than a one-time communication.
