Cyber Alliance: Top-Down Approach Needed for Business Cybersecurity

Marking October as National Cyber Security Awareness Month, the National Cyber Security Alliance (NCSA), the U.S. Department of Homeland Security (DHS) and businesses are banding together to offer a list of recommendations on tackling cybersecurity issues.

And the NCSA has landed on one crucial truth for every company, regardless of industry: cybersecurity awareness starts at the top.

“Organizations of any size — including healthcare providers, colleges and universities, government agencies and nonprofits — can fall victim to cybercrime, which could result in stolen personal information or intellectual property or serious disruptions to our daily way of life,” said NCSA executive director Michael Kaiser. “It’s important for employees at all levels to be keenly aware of the roles they play in keeping their own workplaces — and the general public — safer and more secure online.”

Having leadership specifically identifying what critical company assets and information needs the most protection — including copyrights, consumer and employee data and intellectual property — helps everyone else in the company look at their security preparedness in a new light, he added. “The groups that work to build up their resistance and resilience are best prepared to combat cyber threats,” Kaiser said.

Being able to detect incidents, having a plan on how to respond once a breach is detected and making sure the company can recovery to normal operations quickly are all important, NCSA stresses. And employee awareness and training around cybersecurity are more important than ever: between 2014 and 2015, phishing campaigns targeting employees jumped 55%. “Everyone at work plays an essential role in protecting the company and its sensitive data,” Kaiser said. “It’s crucial to educate your staff about how to use the internet safely at work and at home and to continually remind them of the importance of protecting organizational and personal information.”

NCSA also identified a big problem: despite growing demand for cybersecurity skills, 2015 more than 209,000 cybersecurity job postings in the U.S. alone go unfilled. The group conducted a study with U.S. defense contractor Raytheon on the subject, titled “Securing Our Future: Closing the Cybersecurity Talent Gap.”

The survey found that only 54% of men and 36% of women are aware of what a cybersecurity job entails, and only 27% of men and 19% of women said their high schools prepared them to use technology in a cyber-secure manner.

“While we were thankful to see growth in the awareness of cybersecurity as a viable profession for young people, it’s critical for key influencers — like parents, teachers and guidance counselors — to learn more about this growing and important career option,” Kaiser said. “It is essential that students graduate with the skills they need to not only operate the internet in the safest and most secure way possible, but also to embark on the many diverse careers that protect it.”