<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1033252670099820&amp;ev=PageView&amp;noscript=1">
New Call-to-action

Building A Robust Cybersecurity Culture

› › › BACK TO THE BLOG

[fa icon="calendar"] Aug 11, 2016 10:34:04 AM / by WALLIX

cybersecurity-culture.jpg

There’s no doubt that awareness of information security in corporations has dramatically improved in recent years. Stories of breaches, both internal and external, have filled the media. Where the CEO has been forced to face the music on the evening news, where most people now understand the value of data and the risk of it falling into the wrong hands.

Many things are driving the growth of a more security focused culture in most businesses. Investment in building this cultural change has never been higher, with analyst firm Gartner predicting spending on Information Security will reach $8.1bn (€7.2bn) in 2016, a 7.9% increase over the year previous.

So what are some of the key points to consider when developing your security awareness strategy? Each of these is equally important and must be considered as part of a holistic approach.

 

Policies

Many organisations have moved to make managers and employees aware of their responsibilities by creating policies to govern information security. These policies are crucial, but they can only be effective when owned and given a practical purpose. For example, ensuring people are trained on these policies and understand the impact of a failure to follow them. Most companies now have a formal induction process for new employees where computer use and security policies are reviewed.

 

Leadership

These initiatives and policies must not be seen simply as tick box exercises that run the risk of not being taken seriously. To ensure this isn’t the case, information security must be owned and reinforced as a business issue that matters at the highest level. One way to support this is to align security strategy with key business goals and objectives, issues like building customer loyalty or managing risk.

 

Assessment

The ultimate success of any cybersecurity culture can only really be determined by continual measurement and feedback from stakeholders. Surveys, interviews, tests and audits are crucial in revealing whether programs are effective but also to identify any gaps that need to be filled.

 

Technology

Implementing technologies that reduce your attack surface and help reinforce your security strategy is essential. But technology alone cannot prevent every threat, it’s always worthwhile to invest seriously not just in the technology itself, but ensuring that it’s correctly implemented in the right places.

WALLIX offers solutions that give privileged users in your organisation secure access to information systems and devices, and gives you complete visibility and auditing of their actions, helping you to meet compliance requirements and keep data secure.

 

Get our FREE DEMO to manage and monitor privileged access

Topics: Preventing Insider Threat

WALLIX

Written by WALLIX