A typical cybersecurity incident can usually be attributed to a people issue since it is employees and humans who are mostly using the organisation’s technology and cyber assets. If a front door was left open in the night, most probably you would have unwanted visitors walk in. So, what is the way forward?
We can blame an unfortunate employee for leaving the door open or find a solution to prevent the door from being left open again in the future. Clearly the second choice is better.
But there is a caveat. The second choice will only work if the organisation is ready to work with its employees and specific groups of people to find a solution to their errant behaviour.
Rather than leading an investigation into finding the errant employee, at this stage, organisations are better off engaging with employees to help change their behaviour and prevent the door from being left open.
Moreover, employees should be able to engage with the security department well before an incident, if they feel they may have been compromised at any stage.
At the core of any successful cybersecurity implementation are people. And organisations that fail to engage with their people lose the one asset which can stop or slow cyber incidents from happening.
Organisations need to realise that the difference between a completely out of control and chaotic situation emerging post a cyber security breach and an organised and systematic, step by step recovery approach, is only practice and training for employees.
Employees and their wayward behaviour may have been the cause of a breach in the first place, but the only way to recover from such a breach is by training employees well and repeatedly, on what to do in such situations.
It seems ludicrous that we do not spend enough time building situational control capabilities and coaching cybersecurity professionals or training employees on how to handle such unforeseen disasters.
Consider three elements of cybersecurity: employees, zero-trust practices, and incidents. What connects these three is how they fit into a systematic, security-friendly or unfriendly daily routine.
A daily office routine can be both positive and negative towards including basic cyber security checks and practices. If we begin and end our day with a few basic cyber security checks that is building a positive daily routine.
If we are erratic in such practices that is probably building a negative daily routine and will likely increase the cyber security threat levels.
We want to keep the daily office routines, but we just want to add a security focus in the beginning and at the end of it. It is important to create and build behavioural habits where there is a value. After all, security is a domain that pays off quickly and has enormous wins.
We need to consider cybersecurity as a people challenge and a people-focused domain. Ultimately, it is people who ensure the success of any given project.
Being technically savvy, having the right capability, and implementing the required technology are also key elements to a safe and secure environment.
Cybersecurity experts also need to engage organisations in a conversation that includes the entire team. It is tricky because, in most cases, they are asked to come in after a breach or a complete security breakdown.
This means there may be legitimate feelings of betrayal and trust issues. Even more important is their potential for successful cybersecurity implementation, and this always engages people at the core.
However, it needs to be emphasised that a typical success story does not end here. If we fail to engage with employees, we lose those assets that can help prevent cyber incidents events from happening from the very beginning.