We would like to draw your attention to an article written and provided by a client of Jenrick IT, Dr John McCarthy, titled: Creating a Healthy Cyber Security Culture, which provides a superb platform from which to explore this subject in greater detail. CyberSecurity touches all elements of business life so does not easily fall into a convenient silo. This is because in recent years we have seen a new level of interconnectedness of devices and systems and therefore to fully understand this and how it impacts upon cybersecurity we need to examine the problem from outside the traditional boundaries of departmental logic. This is challenging for everyone as they are all keen to do what is required but often nobody fully understands what role they need to play.
The question remains how then do we create a common purpose and outcome for all the players?
The IT and technical players will want to apply technical solutions to the cybersecurity problem and in many ways they are right to do so. The managers may be examining a risk averse solution and strategy, whilst government wants assurances all is being done to protect the critical national infrastructure.
So then what is the answer?
I have to remind myself of this simple fact. All business interact. The ecosystem of business IT systems are intertwined on many levels. Therefore to focus on a large business alone is like putting a steel door on the front of your house whilst leaving a window open at the back of the house. Any cyber security solution needs to encompass every business large and small to have any real chance of success. This is a challenging task and requires a step change in working practices where businesses who have different owners will have to work together. I do not think this will come easily or naturally. I think we need to develop common goal and language that is global in its reach and understanding. Everyone everywhere should be singing from the same hymn sheet. We need to create a cybersecurity culture where cyber hygiene and good practice are second nature to everyone. Simple cyber hygiene could avert many of the attacks and problems facing us today. Our understanding of how we operate in a cyber-environment in still very much in its infancy. In other areas of our life we have good hygiene practices. We wash our hands when leaving a washroom and cover our mouths when we sneeze. We need to develop similar cyber hygiene practices inside and outside of our workplaces. So my view is to start simply with good cyber hygiene practices. Get everyone in the business involved and start from the top and lead by example. We need simple messages on good cybersecurity practices that everyone at all levels of the organization can understand and can adopt. Once we have a good cybersecurity culture all departments in the businesses will understand each other’s needs in relation to cybersecurity so much more. Many of the hurdles we now face in relation to bringing parties together to solve cybersecurity problems will be easier to overcome. Creating common goal with familiar language will go a long way to help foster a healthy cyber security culture and thus address many of the cybersecurity problems we face today.
Article kindly contributed by Dr John McCarthy.
MORE INFORMATION Jenrick IT are specialists at providing cyber security professionals for organisations throughout the UK, and are currently exhibiting at DSEI 2015 at stand S9-300. If you would like to gain a more detailed undertstanding of the cyber security services Jenrick can provide your organisation, please contact Miriam Lee (Head of cyber, security and defence consultancy services) on +44 (0) 1932 245 500.