cyber security

Respond

you need to substantiate the main idea of your responses by using experiences or referencing a credible information source

Disagree

As security breaches are happening on a daily basis, cybersecurity is a major concern with any company large or small, hence promoting security has been a major step taken to improve the security posture of organizations. The security professionals are the ones who need to protect the security of the systems as well as the organization as a whole. There are certain steps which are taken by the security professional to cultivate the culture of security awareness, collaboration, as well as buy-in in the management, staff, client or the stakeholders. This needs to include organizing training for all the staff, client and stakeholders and making sure it is company policy to complete it, but it isn't a one and done approach as well. This approach would be similar in that being a teacher we promote things in the school about positive culture, building confidence in the school to past state tests etc. The cyber folks are doing similar things in their companies. As I mentioned the teacher in me says the information needs to be presented in different ways, not everyone learns the same way. Some things can be creating videos to implement the goal of trying to get across. It can be done on their time on a computer or mobile device. Once the person has completed the presentation then they will have to answer some questions based on what they learned from the slides. Many employees may think it is boring and might just fly through the sessions, so for example if they answer all of the questions, then they are done for that particular training. If they don’t pass then they have to do it again. Also, the security folks can help raise awareness of the sensitivity of the data on the systems that they work with on a daily basis and educate employees on what that looks like. Some ways to accomplish this is by creating posters written on higher-quality shiny card stock and place these in key areas. The sizes of those posters will vary, and that they will be placed strategically close to doorways, in elevators, hallways and close to offices and cubicles, kind of like when your in a hospital setting like HIPAA does. Also, monitors can be placed in strategical areas and can be used to point out security connected messages that relate to areas that require to be strong. If there's a company graphics team, they can also assist by making attracting combos of photos to enhance the presentation of those straightforward security connected reminders. These are certain ways to engage all stakeholders the importance of sound security posture and ways to get there, but at the same time thinking outside of the box.

 

                                                                                                  References

da Veiga Adele. (2018). Cultivating and assessing information security cultur. Retrieved from https://pdfs.semanticscholar.org/19f3/868160b9667ae2ad93923bd3b17b1acdacb4.pdf

SecurityTrails. (2018). Cyber security culture: Why it matters for your business. Retrieved from https://securitytrails.com/blog/cybersecurity-culture

Sloane Kate. (2018). Five ways to develop a cybersecurity culture Retrieved from https://www.align.com/blog/five-ways-to-develop-a-cybersecurity-culture