I recently discussed with a few friends what they believe to be the most important area of cyber security and why.
All three of them explained how they see technology as the main focus of cyber security because, “cyber is digital, so digital protection would be the viable option”.
It all comes down to people
Let’s assume that technology is the most important aspect of cyber security. But then, ask yourself these questions:
Who chooses the technology you use? – People
Who implements the technology? – People
Who manages the technology to ensure that it’s being used effectively? – People
If you want to be cyber secure then it’s imperative that you ensure your staff possess adequate skills to keep your organisation safe.
This doesn’t necessarily mean that you should only be providing training to your IT department. You have to consider educating all your departments on cyber security, relative to their role.
Accounts and HR: Your accounts and HR departments handle customer and employee personal information. As with every organisation in the UK, they need to adhere to the principles of the Data Protection Act 1998.
All staff: Last year IT Governance published a report which revealed that 54% of senior executives see their own staff as the biggest cyber security threat they face. This threat can be greatly reduced by providing all of your staff with basic information security e-learning.