Let’s face it, there will never be enough people on a security team, and there will always be more that can be done to defend the enterprise.

Read the full article at: www.tripwire.com

We at Expressworks are passionate about security and cybersecurity and have been so for a while, before Equifax’s recent breach or before eBay’s, Yahoo’s or Target’s a few years back. We have long had a Cybersecurity Practice within our consulting network headed by Hend Ezzeddine, practice director, and supported by Samantha Leech, one of our IT gurus. Our July newsletter featured Hend’s presentation, “A CEO’s Guide to Cyber Resilience,” a Cybersecurity webinar, and Samantha’s article, “Why Does Ransomware Continue to Work.”  Hend recently published, “Behaving in Cyberspace.” You get it. We’re big on the subject.

Our core belief is that in addition to implementing comprehensive cybersecurity platforms, businesses need to realize that human error is one of the main causes of cyber attacks. We stress the need for companies to make digital security everyone’s business.

This article by Anthony Isreal-Davis shares that view. Even though it is sponsored by a technology company that offers “advanced threat protection, security and compliance solutions,” the article agrees that IT alone will not keep your business safe from cyber attack. According to Isreal-Davis, it takes the “golden triangle of security controls: people, process and technology” to do the job.

He goes on, “And while an enterprise may have the best people on the job and every role filled, all it takes is a lost laptop, misconfigured hardware, or an errant click on a phish to bring all that hard work crashing down. This is why the security team is only part of the larger security team – a team which includes everyone else in the company – and this is where the real skills gap is to be found…Not every skill requires a cybersecurity genius to grasp – many of the most fundamental skills come down to basic education, common sense and vigilance.”

Our point exactly.

Contact us and we can help you better understand the people side of cybersecurity and help your business become cyber resilient.