Page 62 - 网络防御Emagazine - 2017年11月
This is key to promote cybersecurity throughout the company. A CISO helps business executives, including the CEO, understand cyber risks and are essential to promoting a culture of cyber defense. In recent years, most CISO's have been connected to the company's leadership team, and in half of the companies, they are a member of the executive leadership team. A CEO must understand and carry out security procedures throughout the entire enterprise. Together with the CISO, you can work together to run threat assessments and review the results. Consult the CISO on new projects early on in the planning phase so that they can find ways to improve security. It is easier to integrate security measures during the development rather than after the fact. The CISO will work with each team to find ways to meet the project goals in a way that complements security protocols. Then it is up to the CEO to make sure that the teams follow through and stay accountable. PROMOTE SECURITY AWARENESS WITH EDUCATION AND TRAINING Most companies have a cyber awareness program in place to educate employees. These programs train them to be able to identify network threats. An effective training program stays up to date to meet new security threats. An outdated program wastes time and resources. Take an active role in security awareness programs. By supporting these programs, you send a message to employees on what they can do to promote cybersecurity awareness. It is also up to your leadership to keep employees, managers, and other executives on track. Involving yourself in the training program helps to measure its effectiveness. You can see how many users have completed the training program, along with parts that they found helpful. Employee surveys can provide feedback, and you can identify areas that need improvement. STRENGTHEN AND ADAPT SECURITY PROTOCOLS A risk assessment identifies areas in your IT security that need to be improved. Whenever your company adds new equipment or software, you should make sure that it keeps the existing network secure. Cybersecurity becomes more relevant as your business continues to add these new tools. By the year 2020, there will be between 20 to 30 billion connected devices in the world. Connected devices provide useful information, but unprotected they can be a liability. Adapt your security protocols to reduce or eliminate these liabilities. Place a higher priority on mobile and connected devices. Your cell phone that allows you to connect to your business email can be a spot that hackers can exploit. Understand how these devices fit into the network, you can make the changes needed to strengthen the network. DECENTRALIZE ACCESS People, not technology, is the weakest point in your network. 62 Cyber Defense eMagazine – November 2017 Edition Copyright © 2017, Cyber Defense Magazine, All rights reserved worldwide.