Cybersecurity is not just an IT issue
alt="Security Manual - Sarbanes-Oxley" vspace=3 align=right
src="http://www.it-toolkits.com/images/Security.gif" width=85
longDesc="Security Manual Template - Sarbanes-Oxley" height=110>Putting the
onuss for all data
security on the IT department to address security attacks is not a
successful strategy. The attackers are exploiting the end-users more and more,
thus circumventing security controls altogether.
With that in mind, the two most urgent actions are for organizations to
create awareness of the problem and build commitment among leadership to tackle
it. A strong cybersecurity program warrants a comprehensive strategy to address
any risks within the environment. These include everything from developing the
strategy and a human capital plan to awareness and training.
Cybersecurity is not just an IT issue; thats not how your adversaries are
looking at it. Using IT happens to be the way they get into networks. Technology
is only one aspect. Organizations need to look at it as a foreign intelligence
collection effort. Bottom line, cybersecurity needs to be top-down driven, from
the head of the agency or a CEO on down. Only then will the enterprise be
adequately protected.
Leave a Reply