It’s well known that one of the hardest things to manage for a cybersecurity program is people, who often don’t recognize its importance, and how little mistakes by them can lead to big consequences for companies, according to Intelligent CIO. The key driver for managing this is building a culture of cybersecurity accountability within your organization, considering the following steps:
Starting at the top, by ensuring leadership is both engaged and supportive
Carefully explaining the goals of the cybersecurity team, and how they help keep everyone working
Describing concerns, risks, and actions in plain language, so everyone can understand
Emphasizing the importance of cybersecurity awareness continually
Establishing training that is both informative and engaging, so people retain key information
Recognizing people may make cybersecurity mistakes, and the first reaction to an error shouldn’t be punishment
Remaining open for constructive feedback, to encourage people to offer suggestions or point out areas that could be improved.
By building this accountability, you’ll find yourself with an organization that is at lower risk, as people will be more aware of and willing to report on cybersecurity threats they’ve observed.
Source: