Four ways to improve your organisation’s security mindset.
Every cyber security expert knows that the best technology in the world won’t protect…
Every cyber security expert knows that the best technology in the world won’t protect an organisation if its workforce has no consideration for security. And, conversely, if you’re lucky enough to have super-aware staff, but your organisation hasn’t invested in the right technology or security services, you’ll be fighting a losing battle.
Mindset and technology are the yin and yang of cyber security: one can’t be effective without the other. And because mindset is about how people think and behave and what values they hold, it’s more of a challenge to get right. Staff with the right mindset about cyber security are your first line of defence against cyber-attack, and their daily habits and processes – from passwords to working from home to not leaving their iPhone on the train – will make your job a lot easier.
The perfect cyber security mindset
An ideal cyber-security corporate mindset has four elements:
How to improve mindset
You’re an IT Security specialist. Technology is your thing. But you’ll need more than cyberwidgets to protect your organisation. Here are four ways that you can improve your organisation’s cultural mindset:
1. A pro-user attitude:
See your users as a resource, not a great big pain. People are a key part of your cyber defences so it’s worth thinking of them as resources, rather than a source of trouble.
2. Sell your role
Sell your role as one that’s there to help your colleagues in other departments; to keep them and their work safe. Show them that you are their resource, too.
3. Communicate clearly
You’re the expert so it’s up to you to communicate what you need staff to do in order for the organisation to stay safe. But make sure that your instructions are clear, usable and acceptable. You’re not likely to have much success if you’re asking staff to memorise a trillion different passwords, no matter how positive they are about security.
4. Make it usable
When compliance is a problem, too often it’s because the design of the system is at odds with new cyber security practices. Pay attention to user experience – yes, sit with them if you must: your own first-hand experience will be valuable in identifying and solving problem points.
If you’re an IT Security specialist you have a key role to play in improving your organisation’s cyber security mindset, and it’s in your own best interests, too. After all, a switched-on workforce makes your job a whole lot easier.
Wale Omolere is an experienced Cyber Security instructor and practitioner with over 18 years’ experience working in Consulting, Oil & Gas, Telecommunication, Automobile, Asset & Wealth Management. He has a background in computer science, coupled with direct experience in all types of computing and networking platforms. He provides Cyber security advisory services to business, as well as hands-on management of IT systems, projects, and operations. He has led the deployment of various cyber security technologies, developing processes for managing and monitoring security incidents.