This  is  key  to  promote  cybersecurity  throughout  the  company.  A  CISO  helps  business
               executives, including the CEO, understand cyber risks and are essential to promoting a culture
               of cyber defense.


               In recent years, most CISO's have been connected to the company's leadership team, and in
               half  of  the  companies,  they  are  a  member  of  the  executive  leadership  team.  A  CEO  must
               understand and carry out security procedures throughout the entire enterprise. Together with
               the CISO, you can work together to run threat assessments and review the results.

               Consult the CISO on new projects early on in the planning phase so that they can find ways to
               improve security. It is easier to integrate security measures during the development rather than
               after the fact. The CISO will work with each team to find ways to meet the project goals in a way
               that  complements  security  protocols.  Then  it  is  up  to  the  CEO  to  make  sure  that  the  teams
               follow through and stay accountable.


               PROMOTE SECURITY AWARENESS WITH EDUCATION AND TRAINING

               Most companies have a cyber awareness program in place to educate employees.

               These programs train them to be able to identify network threats. An effective training program
               stays up to date to meet new security threats. An outdated program wastes time and resources.


               Take an active role in security awareness programs. By supporting these programs, you send a
               message to employees on what they can do to promote cybersecurity awareness. It is also up
               to your leadership to keep employees, managers, and other executives on track.

               Involving yourself in the training program helps to measure its effectiveness. You can see how
               many  users  have  completed  the  training  program,  along  with  parts  that  they  found  helpful.
               Employee surveys can provide feedback, and you can identify areas that need improvement.

               STRENGTHEN AND ADAPT SECURITY PROTOCOLS

               A risk assessment identifies areas in your IT security that need to be improved. Whenever your
               company  adds  new  equipment  or  software,  you  should  make  sure  that  it  keeps  the  existing
               network secure. Cybersecurity becomes more relevant as your business continues to add these
               new tools.

               By  the  year  2020,  there  will  be  between  20  to  30  billion  connected  devices  in  the  world.
               Connected  devices  provide  useful  information,  but  unprotected  they  can  be  a  liability.  Adapt
               your security protocols to reduce or eliminate these liabilities.

               Place  a  higher  priority  on  mobile  and connected  devices.  Your  cell  phone  that  allows  you  to
               connect to your business email can be a spot that hackers can exploit. Understand how these
               devices fit into the network, you can make the changes needed to strengthen the network.


               DECENTRALIZE ACCESS

               People, not technology, is the weakest point in your network.

                   62    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.