Who is Responsible For Protecting An Organization From Cyber Threats?
Brendan Howe, the CEO and Owner of Techify Inc., provides his thoughts on this ongoing debate.
So here’s a question that we get we get a lot, and it’s something that I feel pretty strongly about.
And so I wanted to address this today.
There’s this debate that’s been going on for years — since employees are our biggest kind of issue.
About 85 percent breaches come from human error, right?
So, is it just the responsibility of our staff to protect the organization and should we just focus on training users and employees? Is that the only thing we should care about?
Or do we need to do we say, you know what, our staff are going to make mistakes and people are going to have bad days and people are going to click links and stuff like that. So, it’s really the responsibility of the IT Department to make sure that the company is protected, that there are the layers of security in place so that a less savvy computer user or employee does something really bad, the company is protected?
So that’s the sort of perpetual debate. And here’s where we land we land on it.
It’s not A or B — it’s both.
So, we believe strongly that your approach needs to have a heavy bunch of cybersecurity awareness training for your staff so that you don’t get “Ubered” and because hackers are always finding ways to get around the security that you have in place.
But that you also have a really strong cybersecurity roadmap that says, here’s what we’re doing, here are the changes we’re making, here’s how we’re looking at the threats out there. And the new ways of the power company phoning or people getting on other people’s computers, the social engineering threats or the the whaling or that sort of stuff, and we will protect our company against one of our team members making a mistake.
So, because if we have both those layers of security — if we have a much more educated and enabled workforce that understand what the threats are out there and how to spot them, and we have a really good cybersecurity roadmap that’s continually improving and evolving — then ultimately we’re going to protect the company effectively.
We work with organizations across the GTA in a wide variety of industries and sectors.
Have questions about your cybersecurity needs?