The cybersecurity landscape is everchanging, and the need to take measures for building vital cybersecurity hygiene is stronger than ever. Cybersecurity threats have risen, and no matter whether the firm is public or private, every company needs to understand the risk of cyber attacks, as cybercriminals can penetrate 93 percent of company networks.
Dimiour recently held an industry expert panel with Heidi Mattison, CTO, Cabinetworks Group; Diego Souza, CISO, Cummins; Anthony Maley, Co-Founder, Chief Executive, Vouch and Elizabeth Agosto, Chief Operating Officer, Information Security Division, BNY Mellon, discussing cybersecurity topics like – the present landscape, identification, and authentication, best practices, mitigating threats, leadership communication and more. What were the highlights?
Education about cybersecurity at all levels is integral.
“Cybersecurity is an ever-changing landscape, especially with the new threats emerging every day. Whether your firm is private or public, the fundamental fear of threats remains the same, and it is all the diagnosis. The level of education for both the end user and the leadership level is agnostic for the company,” says Heidi Mattison, CTO, of Cabinetworks Group, about the importance of cybersecurity and how she addresses it.
From understanding the history to the present technological nuances around cybersecurity, the critical point is educating all those at the organizational, executive, and leadership levels about cybersecurity.
“Everyone has an integral role in maintaining cybersecurity, no matter their role in the organization. Whether associated with corporate functions or manufacturing, production or any other sector, communication chain and how frequently we communicate about security with the concerned users will make all the difference apart from tools and technologies,” Heidi adds.
Cybersecurity has a global spotlight.
It is difficult for firms with a worldwide footprint to maintain communication across vast geographical boundaries, especially when new rules, regulations, and threats are emerging every day.
“To manage the operations for cybersecurity across different geographical locations as a CISO, it is important to connect with the teams across the organization at all levels and simultaneously work closely with partners in the respective countries. We have our partner agencies in Asian countries and India who help us manage the threats and information,” says Diego Souza, CISO for Cummins.
Organizational Alignment Improves Cybersecurity Awareness
Elizabeth Augusto, Chief Operating Officer for the Information Securities division at Bank of New York Mellon, says, “It is important to work closely with service leads across the cybersecurity department, and she works closely with her CISO partners to ensure that there is optimal awareness and everyone is omnipresent.”
Running a structured and tight awareness program for cybersecurity across all business units is one of the best practices to ensure that the information about clients and employees is well protected.
Adding to the conversation, Elizabeth states, “Awareness is one of the things that we focus on greatly while partnering with our lines of business, and educating clients is the key goal.”
Responsibility for cybersecurity lies with everyone.
Organizations encounter threats every day, and how these threats are handled is crucial. “The responsibility doesn’t just lie on the cyber security team or the system of the organization, but everybody plays a very active role in ensuring security across the board,” commented Elizabeth.
From Anthony Maley’s perspective, CEO of Vouch, “It’s about driving a culture of safety and security, making sure we hire the people with the right skills and that security mindset.”
Threats impact everyone in the organization, from the boardroom to the front-line workers. It is necessary to employ safe cyber hygiene practices across the organization to reduce the risk of being impacted by malicious actors.
To address the safety measures, Elizabeth suggests further steps businesses can take. She says, “just assessing where you are, consistently educating your staff, making sure that they know who to go to, how to escalate issues and incidents, being aware that human risk is the most significant risk to a business will make a huge difference”.
When was the last time you reviewed your cybersecurity measures? Reach out to Dimiour to schedule an assessment today, and stay tuned for part 2 of our cybersecurity blog series.
