Featured, OPINIONS & ANALYSIS, This Week's Gurus

Tweet Chat: The Human factor in Security

In our first-ever IT Security Guru Tweet Chat, we were joined by Javvad Malik, Dr. Jessica Barker, Mo Amin, Ed Tucker and Lisa Forte as they debated the human factor in security. These leading figures from within the cybersecurity community, whom have a wealth of experience and are best placed to talk about the importance of the human element, are deeply passionate about this widely discussed topic.

Too much technology?

We began with a question that focussed on technology and the pivotal role it is playing within cyber today. It could be said that organisations have become too dependent on this component of security. But why? Well, the community certainly feel that technology offers an element of convenience that perhaps humans can’t provide.

You are the weakest link, goodbye

Humans also have the added stigma of being referred to as the ‘weakest link’ within security, and so this reliance on technology may seem justified. Yet, by disregarding or not addressing this mindset, organisations are essentially missing the chance to solve a critical problem within the overall security of their organisation, especially as the human factor is essential for any business. Building education and awareness from within is key.

What resources should be prioritised?

We then asked whether businesses are investing their resources in the wrong places to tackle security and if compliance was driving this? With global data security and privacy regulations severely punishing those found non-compliant, there is a strong possibility that many business decision-makers wrongfully believe that being compliant automatically means the business is secured.

What is more detrimental – poor knowledge or poor security?

Next, it was time to find out what the security community viewed more dangerous for a business: a cyber unaware workforce or a security system that has been misconfigured. Well it depends…

CISO/Security Leaders take note

Where do CISO’s and security leaders go wrong when trying to obtain sufficient backing from the boardroom to enable them to build a security programme? it is clear they have an up-hill battle convincing management on how to invest when it comes to security.

Invest is needed, but make it the right investment

But what happens if investments are made? We still continue to see data breaches and successful cyberattacks plague organisations of all sizes. So, why shouldn’t we lose hope? Where should CISOs and security leaders focus their efforts?

Building a security culture

For security professionals looking to establish a strong security culture or at least have a platform to build from, here is some advice from our panellists:

To close the chat…

The previous questions generated a great discussion and provided insight around the difficulties, problems and issues security professionals are faced with when trying to tackle cybersecurity. But the last question nails home the significance and importance of having the human element in security.

And if you needed any more clarification as to why we shouldn’t solely depend on technology, I shall revert you to this reply…

If you were unable to make the Tweet Chat, no worries, simply follow the IT Security Guru or search the hashtag #ITSecGuru to see the Q&A.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

ten − four =

This site uses Akismet to reduce spam. Learn how your comment data is processed.