Cyber security: Security awareness can't be just a one off

Initiatives such as the US' National Cyber Security Awareness Month are all well and good, but day-to-day attitudes must change too

Creating an effective security culture is very different to a security project such as putting in a new firewall, intrusion detection, or data loss prevention software , which is often viewed as "deploy and forget". Security awareness is cumulative, with one set of measures building on others. And it has to be ongoing, because people come and go and the security threat continues to develop.

Roer compares cyber security to physical safety, an area where businesses have succeeded in reducing risks. Physical safety is, of course, more obvious than cyber safety.

"Cyber security is adding one level of abstraction," says Roer. "In physical safety we feel it straight away." But safety teams have achieved their results, not just by raising awareness, but also through measurements. "Safety measures behaviour and sets clear targets," he says. "They include the whole organisation, and use targets and activities to take them to that goal."

Awareness months, or even days, can add value Roer says. But to be most effective, organisations need to measure what they have learned, feed that back, and build on it. It's certainly not enough to formulate a security plan, then put it on the shelf until this time next year.

Advertisement
Advertisement - Article continues below

Stephen Pritchard is a contributing editor at IT Pro.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Most Popular

Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/public-cloud/34850/salesforce-takes-aws-relationship-to-the-next-level
News

Salesforce takes AWS relationship to the next level

19 Nov 2019
Visit/security/ransomware/354171/microsoft-issues-statement-debunking-teams-ransomware-rumours
ransomware

Microsoft issues statement debunking Teams ransomware rumours

21 Nov 2019
Visit/mobile/5g/354161/tests-show-uks-5g-network-is-450-faster-than-4g
5G

Tests show UK's 5G network is 450% faster than 4G

20 Nov 2019