Cyber Security
Cybersecurity Awareness Month: Championing a Culture of Security
October 10, 2019 | Written by: Dimple Ahluwalia
Categorized: Cyber Security
Share this post:
October is Cybersecurity Awareness Month in many places around the world – so it is a great time to reinforce the importance of championing a culture of security, both inside IBM, and with our clients worldwide. Supporting smart habits in the workplace can go a long way in preventing cyber incidents that might lead to financial and reputational loss for corporations, governments and individuals alike.
The threat landscape is changing quickly, and organizations are ramping up efforts to thwart potential insider threats, bridge IT security gaps, manage shifting privacy regulations and prepare for recovery if they fall victim to an incident. No one is immune from a breach. Leaders at IBM and elsewhere are continually revisiting cybersecurity methods around the world to protect ourselves, our clients, and their end-users.
It Takes a Village
While most organizations deploy teams of security professionals to protect and secure their systems and data, it takes a village to help prevent cyber attacks. Security leaders can set the standard, but creating and maintaining a true culture of security means that cybersecurity is woven into every corner of the business.
As organizations invest in their technical controls – from continuous threat monitoring, to security vulnerability testing, to enhanced cybersecurity capabilities backed by AI and Machine Learning – educating and testing the workforce remains key to any security program’s success. After all, one quarter of all data breaches last year were caused by human error. One key area for education and testing is spotting phishing emails, which account for a very high percentage of security incidents. As part of our enablement program, IBM regularly tests employees with fake phishing links to help them identify real scams in the future.
Consider how your employees learn best and then invest in consumable, role-based education and situational awareness exercises. Rehearsing real-time responses to security incidents can be as simple as getting business and technical leaders in the same room to discuss plans and roles, or as comprehensive as using an immersive experience that simulates cyber incidents and responses. At IBM, for example, we have the Cyber Range X-Force Command Center that demonstrates the interdependencies between various business functions and security. The result is a strengthened muscle memory for better performance during an actual cybersecurity event.
An effective culture of security also involves regularly reminding employees about using strong passwords, offering online learning classes around corporate device and data management, and how to appropriately share sensitive or otherwise confidential information with third parties. Highlighting secure practices in employee communications related to newsworthy incidents or seasonal junctures (filing taxes, holidays, etc.) can also serve as good reminders and drive positive outcomes.
Thinking Bigger
Ensuring that everyone knows they have a role to play in cybersecurity will help make organizations more inherently resilient for the long-term. From the boardroom, to the back office, to operations, a well-rounded culture of security should provide employees in all roles, levels and locations with the proper knowledge and tools to contribute to cybersecurity. From there, organizations can move at the speed and scale they require, knowing that cybersecurity is built into every piece of the business.
Here at IBM Security, over 9,000 employees help design and deliver some of the most advanced and integrated enterprise security products and services in the industry. In October, and year-round, our teams recognize that cybersecurity is crucial to IBM’s mission as an organization, because trust and security are the bedrock that our clients count on.
BISO and Vice President of Services Solution Design, IBM Security
Making the workplace safe for employees living with HIV
The recent promising news about Covid-19 vaccines is in sharp contrast to the absence of a vaccine for HIV, despite decades of research. Unlike Covid-19 with a single viral isolate that shows minimal diversity, HIV circulates in a wide range of strains that so far have proven impervious to a single vaccine. Fortunately, more people […]
Call for Code for Racial Justice Needs You: Join the Movement
IBM has never avoided taking on big challenges. At IBM, we are privileged to drive impact at scale. We take on challenges that transform our clients, impact people’s lives and innovate for future generations as we strive to effect systematic societal change. Over the course of our 109-year history, the evidence has become clear that […]
A New Wave: Transforming Our Understanding of Ocean Health
Humans have been plying the seas throughout history. But it wasn’t until the late 19th century that we began to truly study the ocean itself. An expedition in 1872 to 1876, by the Challenger, a converted Royal Navy gunship, traveled nearly 70,000 nautical miles and catalogued over 4,000 previously unknown species, building the foundations for modern […]