If we take a look at the last few years, the issue of cyber security has undergone a colossal change. What was once considered solely a job of the IT operations department and was casually discussed by the top management has now gained primacy in the higher echelons of the organizations. The Board members are now actively involved in the decision making that not only reviews the state of cyber posture of their organizations but is also aimed to enhance it further, make it robust through latest technologies and consolidate it through high budgetary allocation to attract highly skilled manpower. The reason behind such a tectonic shift in the paradigm of cyber security is the breaches and intrusions that have occurred in last few years and caused huge losses to big firms Anthem,Target and now the Yahoo.
While such a change is highly appreciable, it is just a stepping stone to what is actually required. Given the present state of cyberspace, no longer can organizations afford their departments to work in silos when it comes to cyber security. What is required is a cultural shift from the bottom to the top of the organizational pyramid covering every nook and corner of all echelons and stratums wherein every individual employee of the organization maintains an optimum cyber hygiene. The maintenance of cyber hygiene is not just the duty of the top level decision makers or the InfoSec team of the organization but of every individual in every department. It is the job of every employee from the CEO to the newly hired apprentice to maintain an optimum security hygiene and develop a level of vigilance and awareness. It is the cumulative impact of individual cyber hygiene that can effectively deter and prevent the belligerent and bellicose cyber criminals from raiding the organizational networks and stealing the data. It is the shared level of vigilance and cyber awareness on which the organization’s cybersecurity posture is dependent.
Inculcating Security in work culture is more of an Art than Science. By simply disbursing guidelines to the employees won’t bring the desired cultural shift. The focus has to be more on changing the mindset of the employees. So how do we change the mindset? Following are few strategies that would make an impact:
Inculcate security today for it is an intangible thing with tangible benefits. Given the number of threats and threat actors in today’s cyberspace, security culture derived from an optimum cyber hygiene that runs from the Break Room to the Board Room assumes utmost significance.
Publisher