Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense

Cyber Security Is A Team Sport

Webinar, Survey Finds IT Most Likely To Own Security

Add bookmark
Jeff Orr
Jeff Orr
03/09/2020
Security Champions

Who owns cyber security for the organization? This is a question suited for both organizations that are standing up their first security program as well as for existing security leaders seeking further maturity in an existing program.

Cyber Security Hub hosted a webinar with Code42 to explore how cyber security can become an integral part of enterprise behavior and culture. Cyber security is still viewed as an IT issue that often means InfoSec gets bolted on rather than bolted in to the company’s operations and culture. The typical owners of enterprise cyber security are IT or security.

This “bolted on” behavior has left security teams sometimes feeling like they are alone in a silo. Isolation can lead to struggles working with other departments and conveying the need for collaboration on security messages. However, the security team does not have to be the only ones spreading awareness and best practices for cyber hygiene. Security has touchpoints with every part of the organization including Legal, Risk, HR, Operations and more.

See Related: Sharing Stakeholder Knowledge Between Enterprise Cyber And HR Executives

Identifying Enterprise Secure Champions

This presents an opportunity to identify key stakeholders across the organization to help make security everyone’s responsibility. Some of these potential “champions” will be obvious from their leadership role. Others may be part of the workforce that are merely intrigued by the work that the cyber security team does, and want to offer assistance.

When considering the organizational pillars of people, process, information and technology, the activities and scope of modern enterprise security are so much more than the technologies. While cyber practitioners need to have an intimate understanding of software and systems, too many security teams focus on purchasing tools without a process or partnership in place. Deployment and support must be effective and enabling the organization’s business objectives.

This realization leads to less focus on technology and more on people and process. For example, an increase in collaboration leads to improved diversity of ideas and ultimately a more informed set of outcomes that also enhance processes.

The old-school cyber security approach of a castle surrounded by a moat as the primary means of defense no longer works. The concept of a physical security perimeter has all but disappeared. The workplace is not only collaborative, but it is also mobile, virtual and distributed without physical boundaries. User access and applications must accommodate this change as well as the security processes necessary to protect data.

See Related: Successful Cyber Budgets And Risk Reduction With Diverse Stakeholders

Security Practices Evolve With The Organization

As the enterprise grows, the workforce can no longer be the front lines for identifying new threats, such as phishing attacks. This parallels the change in development, which has evolved from a waterfall process to agile, continuous deployment. Security should avoid being the enforcer and saying “no,” which will not endear security teams to the rest of the business.

The webinar also addressed several questions related to identifying security champions including:

  • The biggest barriers to getting cooperation from other teams
  • Whether it is more important to start with process or technology first
  • Suggestions for collaborating in a multinational, cross-border environment
  • The best approach to pitching the importance of security to your stakeholders

See Related: Webinar - How To Create Enterprise Security Champions

Tags: Cyber Security Cybersecurity Enterprise Security Code42 Webinar Stakeholder Champion Team Collaboration Perimeter Organization People Process Information Technology Policy Culture

Upcoming Events

Building cyber resilience

24 April, 2024
Online

Register Now | View Event
Building cyber resilience

Building high-performing development teams: Harnessing tools, processes & AI

02 May, 2024
Online

Register Now | View Event
Building high-performing development teams: Harnessing tools, processes & AI

Digital Identity Week

June 11 - 13, 2024
Melbourne, Victoria

Register Now | View Agenda | View Event
Digital Identity Week

Anti-Financial Crime Exchange Europe 2024

September 19-20
Frankfurt, Germany

Register Now | View Agenda | View Event
Anti-Financial Crime Exchange Europe 2024
MORE EVENTS

Follow Us

         

Latest Webinars

Building high-performing development teams: Harnessing tools, processes & AI

2024-05-02
11:00 AM - 12:00 PM EDT

Discover how to enhance your development team’s efficiency through advanced tools, Agile methodologi...
Building high-performing development teams: Harnessing tools, processes & AI

Building cyber resilience

2024-04-24
11:30 AM - 12:30 PM SGT

Why it’s essential that technology seamlessly connects IT, security, risk and the business
Building cyber resilience

Strategies to enhance secure customer onboarding

2024-03-27
11:30 AM - 12:30 PM SGT

Focus on achieving speedy and secure customer onboarding and combat user lifecycle fraud with phone...
Strategies to enhance secure customer onboarding
MORE WEBINARS

RECOMMENDED

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Learn more
iqpc logo

Cyber Security Hub, a division of IQPC

© 2024 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC| Contact Us | About Us | Cookie Policy