The article, “Cyber Security Is A Business Risk, Not Just An IT Problem” highlights the that cyber security has many dimensions. With the growth and transition of businesses becoming more digital, this allows the businesses to open themselves to vulnerabilities to hackers. According to Telstra’s Cyber Security report, data shows that 59% of Asian organizations experience data breaches at least once a month. The article explains how cyber security is not only a technology risk, but also, it is a business risk. The article mentions that businesses need to approach cyber security in all aspects of the organization; starting at the IT department, expanding to employee training and exploring security policies, using an un-encrypted device, and even moving to email. A data breach can happen when a person opens a phishing email, or one uses an un-patched device, when ports are left open, and even when one does not lock his or her workstation. Having a secure environment requires input from not only the IT department, but also support from the executive level leaders. Customers and employees, who are not IT related, help this process as well. Keeping a network secure cannot be done by one person, but rather it is a team effort.
RESOURCE: https://www.forbes.com/sites/edelmantechnology/2017/10/11/cyber-security-is-a-business-risk-not-just-an-it-problem/#6513e24f7832
Long Duc Nguyen says
I agree with this analysis because it shows that the issue of cyber security is not as simple as it seems. Cyber security architecture is only one part of the problem; employees also need training in cyber security in order to minimize the risk. Humans represent one of the greatest security vulnerabilities because we cannot ask everyone to become a cyber security expert. Your analysis also brings forward the importance of organizational alignment in achieving a secure IT environment. Without the support of the leadership team, any effort to improve the security of the organization will not be successful.
Laura Blaszczyk says
I have an interest in cyber security and thought this was a good easy article to read and relate to. It really highlights an assumption that cyber security is an IT issue and that companies are starting to shift their perspective to the view that cyber security impacts the business as a whole. I agree with the article that cyber security is a growing concern as companies continue to digitize many aspects of their business. I think you highlighted some really valid examples of how breaches can occur and that they are not just from IT professionals. The article mentions integrating cyber security into all aspects of the organization and it seems more and more organizations are taking this approach and others would agree this is paramount as the attacks become more sophisticated, with greater impact and risk.
Zois Bouikidis says
I agree with the premise of the article and believe that most businesses do as well. The cost of a data breach is all too high for a business to not pay attention and allocate a significant amount of funding to security.
I think the companies that do the best in terms of securing their data are the ones that exercise the social science side of security just as much as the technical. Phishing your own company and trying to find your weak points before antagonists do is the way to go in terms of security, as this is the most usual way that data is leaked. In addition to this, I am also a firm believer that when an employee is caught using the social side of security, they shouldn’t be immediately fired or punished harshly, as this employee is now much less likely to get caught a second time now that they’ve been caught once.
In all, cyber security is very important to businesses and governments alike, and being one step ahead of the bad guys all the time is imperative.
John Alemi says
As I’m preparing for an interview in the cyber security space I couldn’t agree more with this article. There are too many breaches happening in todays tech driven business world. Companies need to set rules and regulations to all employees to make sure their sensitive data gets breached. This is not just an internal thing which the business gets affected, their customers do too! I was reading an article earlier this week and it said health care phishing incidents have rose nearly 500%. Employers should really emphasize how important protecting data is from the get-go and have training programs, and penetration test, monthly.