Creating a Cybersecurity Culture Starts With Your Team. Recommendations, 5 things to do and 5 not to do

Fernando Mateus
Oct 21, 2020

These days we have seen how different experts point out aspects that we must take into account in order to expand the reach of cybersecurity, and I don’t want to miss the opportunity to join that line of strategic awareness, useful for the leaders of organizations of all sizes.

While reading the top security projects for 2020-2021 that, according to Gartner, all security and risk management leaders should focus on, I was looking for the issues where Kymatio can best help our clients to improve (which, by the way, are many).

Suddenly a LinkedIn post caught my attention. It was from J. Eduardo Campos (EMPA, CISM, CISA, CISSP, CPP), who stated:

“Make the human factor the “best” link by investing in people’s training, awareness, and well-being”.

The phrase, with which of course I completely agree, was part of a response to a post by Bret Arsenault, Corporate Vice President and Chief Information Security Officer at Microsoft, who stated:

“Creating a cybersecurity culture at work becomes both more important and more challenging when employees work at home”, and continues… “Regardless of whether they’re in the office or working remotely, employees are your last line of defense against cyber bad actors. Adopting interactive training and frequently testing with realistic scenarios can help drive an effective cybersecurity culture”.

Mr Arsenault is a respected security leader across the industry and is recognized for his ability to navigate risk through innovative leadership and vision. He recommends reading Mark Soten's article, “Creating a Cybersecurity Culture Starts With Your Team”.

In the article, published on SecurityIntelligence, Mark recommends 5 do's and 5 don'ts you must follow in order to improve your employees' cybersecurity culture.

Here I want to point out how Kymatio can help you meet these objectives:

From the Do's

Kymatio is designed to operate periodically with them, on a monthly basis by default.

Kymatio goes further and prepares people to understand the different types of motivations behind psychological manipulation techniques.

Kymatio provides all the information necessary to understand the level of cyber risk, the strengthening requirements of the organization and the evolution of the metrics over time. It also provides personal-level metrics for each person, including the members of the C-level.

Kymatio offers the best approach to quickly identify where they reside under the organization in order to start working with the cultural change.

Kymatio provides both chat interactions to understand employees' needs and analysis of their evolution through situational cyber test sessions.

About the Don’ts (which are aligned with Kymatio’s philosophy)

  • Don’t be overly forceful or overbearing with the program.
  • Don’t forget to include managers, key stakeholders and relevant IT teams in the process.
  • Don’t use the same phishing test for each user or always send on the same day.
  • Don’t start your awareness program with complicated concepts.
  • Don’t forget to remind everyone in your organization that a robust security culture extends beyond the office to help employees keep safe at home as well.

At Kymatio we are completely aligned with the spirit of Mark’s words.

Remember that your employees are the last line of defense against threat actors.

Originally published at https://kymatio.com/en/creating-a-cybersecurity-culture-starts-with-your-team/

Published by Fernando Mateus

Changing game rules, combining automated cyber awareness with human risk metrics for robust information cybersecurity incidents prevention plans at Kymatio.com