Tuesday, November 11, 2014

Cyber Security: The Need for Cyber Security Awareness by Michael Gasparovic, Consultant for Invensys Critical Infrastructure & Security Practice

Michael Gasparovic, Consultant for Invensys Critical Infrastructure & Security Practice, discusses the need for cyber security awareness.

The Need for Cyber Security Awareness

In today’s environment, where nearly everyone utilizes personal computing devices—from desktop computers to smart devices—and security failures are becoming daily occurrences, it is imperative to raise the user’s cyber security awareness and adherence to security policies and procedures. 

In many industries, there are many satellite locations that sit outside the focus of the corporate center.  Many of these locations are understaffed, and employees feel that cyber security is an additional burden that they do not have time for.  These locations present easy targets for today's skilled hacker.  Firewalls and other security controls provide baseline protection; however, they can be rendered useless if a user misuses their access or fails to protect resources, such as user IDs or passwords. 

To raise awareness, companies should provide regular training that is consistent company-wide and reinforces the security policies and procedures that are in place.  This training should not focus on the details of regulations, but rather focus on the general requirements and good practices users should take away and make part of their daily routine. 

Cyber security awareness provides a foundation for addressing the fundamental principles of cyber security—protecting the confidentiality of information, ensuring the integrity of information, and ensuring the availability of information and resources.  By raising cyber security awareness, a company can minimize the cost of security incidents and assure the consistent implementation of security controls throughout the organization.


No comments:

Post a Comment