Addressing the weakest link in cyber security cannot be approached as a project or work stream. Instead, it requires an ongoing and strategic programme to embed security culture throughout the organisation.
Ramlal noted that South African organisations were under attack, with hundreds of breaches reported in the media in recent months, and over 40% of companies paying the ransoms to access their data. Humans are generally the biggest risk factor in these attacks, she said. Ramlal said: "Our model embeds security culture throughout the organisation, with policies and procedures reinforced by ongoing training, campaigns with posters and signage to remind employees of the risks, and security ambassadors or security guardians to champion security best practice.
Ramlal underlined the importance of instilling a sense of psychological safety across the organisation, in which staff feel they can communicate freely, and the CISO and IT security create safe spaces and can de-escalate and limit fear and panic during incidents. "Security is enhanced when you build an escalation friendly environment, where employees are thanked for raising alerts and escalating security concerns. This approach removes fear and builds positive reinforcement," she said.
Domain Domain Latest News, Domain Domain Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Source: ITOnlineSA - 🏆 16. / 63 Read more »