Who should be responsible for cybersecurity? Without much forethought, most people would point to one of the IT staff members. After all, who knows technology better than the specialists? Unfortunately, this mindset is potentially toxic to an organization, because it forms a biased misconception about the intended role of the IT department — which in itself is a vast field with niche expertise.
Let us reframe the first question and talk about fire. Who should be responsible for the handling of fires in the organization’s building? It is true that the public fire department could help, but as long as teams within the building could operate a fire extinguisher to quench smaller fires (which could grow into a large problem), why should anyone wait for the ‘fire specialists’ to arrive?
Now still within the realms of fire safety, who should be responsible for the prevention of fires in the building? Certainly not the fire department, rather it is everyone’s responsibility to ensure that nothing catches on fire inside the building. Any behaviors that allow fire to exist, such as smoking, must be done in their own designated area.
Cybersecurity isn’t any different. There are two major actions involved in cybersecurity: 1) preventive and 2) corrective actions.
Who is responsible for corrective actions after a cybersecurity breach?
In a well-established organization, critical data must be stored in backup systems with very limited access points. In the event of a ransomware attack, for example, only authorized personnel are able to restore lost data. These do not have to be one of the IT technicians, but it must be someone who holds an upper management position with direct links to key authority.
In our fire hazard analogy, this is the fire department. This begs the question, could anyone else be responsible for corrective actions after a breach? In the event of a phishing attack, private data may be leaked — this could be user ID and passwords, credit card numbers, etc. There is a chance that any staff member may come to a sudden realization that the recipient of the information is in fact a phishing email.
The best possible scenario is that this staff reports to the authority as soon as possible, in order to invalidate the login information that was leaked, to prevent further breach.
Is cybersecurity breach preventable? If so, who can prevent it?
Science fiction may create some kind of fear that super malware can be developed in the future, which can aggressively breach even the best anti-malware software. However, in reality, the only way that malware can enter a system is through downloads of unauthorized or unidentifiable file packages. In the case of a phishing email, a simple URL check can be obvious signs that the data will not be sent to the place where it claims to have come from (no hacker can truly fake a web domain).
A cybersecurity breach is preventable, and all staff members can prevent it by being aware of hazards and using some common sense. Just like anyone is able to prevent fires in buildings, any staff member is responsible for any downloads and data transfers that they commit.
Security Awareness is key
Xynexis IGNITE Security Awareness Training is an easy and effective way to teach your staff members good habits and practices that can prevent expensive data breaches from occurring. Our approach is flexible, customizable based on the needs of your organization.
Security Awareness is more relevant than before as we go through the COVID-19 pandemic and encourage our staff members to work from home. We can train your staff to be wise about using devices for work and for personal use, educate them about tools that they can use to routinely maintain peripheral security (such as antivirus and phishing filters) and to set up an easy-to-follow post-breach reporting system.
Learn more about Xynexis IGNITE Security Awareness Training.