Unreliable employees are the weakest link in any company’s security posture claims Max Emilianov, CEO of HostForWeb, a Chicago-based web services provider.
“It doesn’t matter how much money you invest into point solutions and hardened architecture. It doesn’t matter how many people you hire to man your IT department. Having strong security infrastructure is all well and good, but you cannot afford to forget your people,” says Emelianov, who believes that proper training and security awareness initiatives can instill a culture of data security in companies.
Emelianov further explains why your corporate culture is key to maintaining cybersecurity in this essay from The Last Watchdog:
You need a corporate culture geared towards cybersecurity to provide the foundation for everything else. For that culture to be sustainable – for it to really resonate with your staff – it needs to possess a few key qualities. Here’s a good guide, according to TechBeacon:
•It must disrupt the established, ‘traditional’ way of doing things. A cybersecurity culture is change-driven at its core. As such, it must be deliberately structured to promote change – to allow the organization to adapt to the changing security landscape.
•It must be engaging and fun. Cybersecurity is too often looked at as painfully boring drudgery. Your goal is to reframe it – to make it something your workers want to get involved in. How you achieve this depends on your organization, but it does require that you know your staff fairly well.
•It must be rewarding. People should have the opportunity to pursue new careers within your organization based on their security expertise. People should be recognized for their contributions to improving your business’s security posture. People should, in other words, get something in return for participating in this new culture.
•It must provide a return on investment. In this case, what’s meant here is that it must in some way enhance your business’s security – it must make it easier to effectively keep your data safe.
