Creating a Cyber Resilient Culture in Your Organisation
Updated: Nov 16
"Cyber resilience is the ability of an organisation to enable business acceleration by preparing for, responding to, and recovering from cyber threats.”
How do we begin to create that environment and enable our teams to activate this type of resilience and embrace it as part of its culture? Investing in your technology stack when it comes to securing your organisation is critical, however it doesn’t dispel the fact that 85% of ransomware and attacks are down to human error.
People are both your biggest vulnerability and your biggest asset. Building that culture of cyber security is so important in every organisation. We have leveraged the knowledge of our in-house experts who are continuously working within our own team and those we work with to establish and grow cyber resilience within their own organisations.
OPENNESS
Critical to the success of any cyber resilience strategy is an awareness from leadership down through all teams across your organisation.
"Everybody needs to be aware that they all have a responsibility when it comes to cybersecurity. There also needs to be an openness and blame-free culture , psychological safety. Creating a feeling of ‘we’re all in this together’ helps nurture that culture."
Eilish O’Connor
CTO & General Manager of Digital Services
"Leadership buy-in and support is paramount in setting the tone for the entire organisation. A cybersecurity culture instilled in every employee encourages vigilance and responsible practices."
Niall Tuohy
Cyber Security & SD-WAN Product Manager
TRAINING
Enabling our teams to be proactive when it comes to potential issues or threats plays a large role in harnessing a cyber- aware culture. Regular cyber training equips your team with the skills to assess certain situations, flag potential risks and create that common sense of awareness throughout the organisation.
“For me, the most critical ingredients in creating a cyber-aware organisation are a mix of employee training and awareness, robust and strategic technical controls and a proactive security culture. Like the ingredients for a cake, if one of these is lacking, then it won’t taste very nice!”
Eddie Heneghan
Cyber Security Consultant
ASSESSING YOUR CURRENT SECURITY POSTURE
A temperature check on where your security processes are currently can be a great way to both improve on those processes and lay the building blocks for improving your organisation's cyber resilient culture. Reaching a security milestone can be an effective way to get further buy-in from our teams.
“Regular security assessments are critical. It gives you a view on how you have done so far and where you need to put your focus next. This includes vulnerability scans, penetration testing, and other assessments to identify weaknesses in the organisation's security posture. These assessments should be conducted by internal and external experts to ensure they are thorough and comprehensive.”
Stephen Collopy
Director of IT Services
BEYOND ‘SET & FORGET’
While doing something is far better than doing nothing when it comes to cyber security, many organisations fall victim to the ‘set and forget’ mentality. As cyber crime evolves and becomes more sophisticated,your team need to keep pace when it comes to investing in areas of security.
"Having a ‘set and forget’ attitude simply won’t cut it anymore when it comes to defence. A good Defence in Depth strategy is also key. This should be made up of various security controls that address flaws or vulnerabilities in hardware, software, the physical location(s) and people."
Lance Hogan
Operations Service Delivery Manager
"Use recognised standards such as ISO27001 to measure yourself against and keep yourself honest. There is no way to be perfect. To be successful is to get a little better every day and to keep working at it."
Michael McGahon
Head of Strategic Change & Governance
VIGILANCE
We have seen above the importance of individual responsibilities when it comes to proecting your business. Vigilance is required to do so effectively, ensuring that your team know what to flag should they see something they are unsure of.
"Always being vigilant of suspicious emails and texts, especially ones with links and attachments is key. Never be afraid to report or question dubious emails or phone calls. It’s also important to recognise the methods hackers use to bypass security, what they are looking for and the value of our data."
Ed Cleere
Head of IT
INVEST
Very few organisations will have the resources in-house to enable and grow a cyber resilient organisation alone. Even for those of us in the cyber security space, leaning into the expertise of our partners is integral to our own cyber culture. Understanding that you can’t do it all alone is key for growth.
“We have partnered with numerous security vendors and are continually looking for best in class solutions to ensure we are evolving with the threat landscape. We have invested in our tools and our people to ensure security is a priority and not a box ticking exercise.”
Paul Rellis
CEO
Cyber and all its facets is extremely comprehensive. Understanding your business, its risk profiles, your own end users and how your data is stored is paramount for cyber resilience. Investing in technology that will support you in your security strategy and empower your people to become proactive in cyber security is core to creating a cyber resilient organisation.
CONTACT US
Looking for a Cyber Security partner? Get in touch today by emailing hello@viatel.com.