Cybersecurity: Building a Security-Minded Culture

“Employees feel like they could not detect if their computer were compromised, and as we know, threats like ransomware can go undetected and do damage for months before detection, even in top-performing organizations. What practical steps should companies implement to create an ‘Actionable’ knowledge base among employees where gaps in such Employee awareness become reduced?”

Mobilizing Organizational Resources for the Collective Good to Prevent Cyber Attacks.

Security awareness is more about collaboration than teaching. When the user community feels informed about the cybersecurity threats and current attacks affecting their organization, they take a vested interest in their role in developing a strong security culture.

Chief Information Security Officers (CISOs) recognize that without the help of every employee in the organization, security breaches, including malicious attacks and other potential issues, will continue to rise. With the increase in cybersecurity threats, most legacy detection and response strategies will falter. Even the most tech-savvy users still pose the biggest risk to the organization.

Preparing for Tomorrow’s AI Attacks: Today

Hackers, leveraging artificial intelligence (AI) much as organizations’ Security Operations (SecOps) teams do, have used these tools to increase the velocity and effectiveness of their cyber attacks. AI-based ChatGPT attacks have created near-flawless email phishing attacks, deepfake voicemail messages, and cleverly written SMS messages sent to users’ mobile devices. The AI threat continues to grow each day, with hackers using these tools to increase their existing threat vectors.

SecOps would disclose portions of the attacking artifacts to the C-level leaders, risk management, and legal. Rarely did SecOps share details with the user community, except when one of them became a victim of the attack.

Creating User-Facing Cybersecurity Dashboards: Creating an Actionable and Proactive Culture.

Security operations teams wanting to share the good, the bad, and the ugly of real-world cyber attacks have made a positive shift by developing dashboards for the user community. Users, always curious about the secret world of “cyber,” are deeply interested in knowing if the organization is getting hacked and by whom. CISOs recognize that this perfectly normal curiosity can be used to benefit the organization.

Exposing what the organization faces creates a collaboration culture and mobilizes users to participate in a cybersecurity strategy. Information sharing and providing non-technical explanations to the user community help raise awareness about security risks.

Shifting from an Authoritative to a Collaboration Partnership.

Organizations that recognize the challenge of user acceptance of security controls and policies have learned firsthand what happens when users choose not to follow them.

  • Users inadvertently click on malicious links embedded within phishing emails without taking the time to read emails, leading to credential theft and ransomware propagation.
  • Users download malicious content from websites and believe this piece of content is just another PDF document or an excellent application for their iPhone.
  • Users are reusing their passwords for both personal and corporate email accounts.

The risk posed by the users within the organization should never be underestimated. Yes, SecOps and IT engineering can deploy adaptive controls, including:

Even with these automated enterprise security capabilities, the need remains to develop a collaboration strategy by creating a cybersecurity culture that respects the diversity of the user base while protecting the corporation’s most valuable asset: people.

Developing a Sustainable Agile Cybersecurity Culture.

“If security culture is a critical, need-to-have asset in the security toolbox – What can IT Leads and Business Executives do to ensure that organizational and IT policies and training programs become aligned with the constantly changing Cybersecurity threat landscape?”

CISOs working with their IT counterparts need to develop cross-functional collaboration, not the silo or island approach of the past. Cybersecurity is everyone’s responsibility. Management must prioritize changing the cybersecurity mindset and moving the organization toward more interactive, long-term security behaviors.

Every member of the organization needs to be an active participant in the cybersecurity operation plan. Users, SecOps, CISO, CIO, and other leadership team members must invest the time and effort to learn their role in developing this new culture. Does the organization budget for cybersecurity training, capabilities, and monitoring services? Does the organization actively recruit experienced talent for the SecOps teams? Having executive sponsors, a budget, and alignment with the business strategy is essential for every aspect of the organization. Every department needs to become an active participant in the cybersecurity strategy. This is not just an IT issue anymore.

Enabling Cyber Warriors through Open Communication, Partnership, and Trust.

Developing cyber warriors within your organization is like any other relationship. This process requires trust, open communication, and constant positive reinforcement of the core message to all the users that their actions will make a difference.

The security team and members of the IT department created previous cyber policies and training regimens in a silo. In the past, several secondary groups in governance, risk, compliance, human capital management, and legal contributed to creating the policy and training content. Many of these legacy policies would result in low user adoption and acceptance.

When CISOs and risk management teams develop user policies and training strategies to build these internal assets, what is the best strategy to achieve this goal?

Organizations continue to find the cost of many off-the-shelf cybersecurity training programs hard to justify, partly because of the low adoption rate by the user community.

Why are CISOs discovering a shallow adoption and acceptance rate among many users? If users do not recognize a valid reason why they should care about the “mandatory quarterly training,” they will continue to resist and put less effort into supporting corporate security.

What causes this resistance and lack of adoption by the user community for these essential elements to help prevent cyber attacks from affecting their work life?

Innovation and Collaboration While Promoting Participation.

People need to feel part of the process. The organization’s comprehensive security programs need to change from a top-down mandate to a system that promotes collaboration through knowledge sharing, rewards users for making the correct cybersecurity choices, and grants users access to see what the organization faces every day when someone clicks on the wrong link.

That strategy builds and sustains a cybersecurity culture.
