Cybersecurity Is No Longer The Sole Responsibility Of IT Specialists 

Uploaded on 2023-03-14 in NEWS-Cybersecurity News, FREE TO VIEW

While cybersecurity used to be a topic and responsibility reserved only for the IT team, we’re seeing the industry shift to a mindset of collective resilience. One where the entire company has a role to play when it comes to cybersecurity and the weight of cyber risk or even a data breach doesn’t rest solely on the shoulders of the CISO

While there’s still a lot to be done, there are positive steps being made towards more cross-industry collaboration, less pressure on the role of the CISO, and an opportunity not only for cybersecurity vendors to increase their business, but also for employees across the globe to gain a better understanding and appreciation for the importance of cybersecurity.

Rebalancing Responsibility 

Given the rising frequency of cyber-attacks around the globe, it’s not surprising to see a move to strengthen overall resilience. Cybersecurity is relevant to all industries, all businesses and all job roles, so business-wide resilience has to be a top priority. Despite challenges, the private and public sector are working to spread the burden of cybersecurity, both through education and awareness, as well as regulations and policies.  

The latest example of this is the new US National Cybersecurity Strategy from the Biden-Harris Administration, which plans to focus on “rebalancing the responsibility to defend cyberspace” and taking the burden away from individuals and small businesses. Although the implementation of these plans is not yet clear and there’s no certainty on what will change, the release of the strategy has prompted discussion around how to handle liability when it comes to a cyberattack. 

Preventing Burnout

It’s well-known in the industry that CISOs are among those with the most high pressure jobs, and that the result often leads to burnout. A 2022 survey highlighted stress and burnout as the most significant personal risks CISOs are facing in their role. 

Whilst CISOs will always have a responsibility for the cybersecurity of their business, organisations are engaging in cybersecurity more on the whole meaning there’s better understanding from the C-Level - with Accenture’s latest State of Cybersecurity report stating that 70% of organisations include cybersecurity as an item for discussion in every board meeting - as well as employees across all departments. 

The relationship between the CISO and the Board and leadership team impacts the overall approach to cybersecurity from the entire company. For example, the same Accenture report noted that CISOs in a group dubbed “Cyber Champions” were more likely to report to the CEO and the Board as well as have a far closer relationship with the CFO. What’s more, when it comes to budget authorisation, only 19% of those “Cyber Champions” had their budgets authorised by the CEO or the Board, meaning the majority had autonomy over what they spend their budget on. 

With increased recognition that cybersecurity is not the sole responsibility of one person or one team, we’ll hopefully continue to see the burden on CISOs reduced as well as more involvement and ownership from other senior leaders. 

The Opportunity For The Industry

As we see more businesses take note of cybersecurity, it’s likely there’ll also be a broader impact on other businesses in the market, including vendors. 

With the current economic and cost of living crisis, purse strings are being tightened across organisations, however with awareness of the impact a cyber-attack or data breach can have on a business, and the relationship between CISOs and the C-Level getting stronger, it’s likely we’ll see more budget going towards cybersecurity solutions, with an emphasis on those that augment the job of the security team, as well as those that educate the wider business. 

On the whole, a continued path to collective resilience spreading responsibility for cybersecurity is a positive sign for the industry. However, as hackers become evermore sophisticated and the frequency of cyber-attacks continues, it’ll be vital that cyber strategies remain agile and continue to adapt to an ever-changing threat landscape and that everybody knows what role to play.

Emily Quick is  Account Director and cybersecurity specialist at The PHA Group

You Might Also Read: 

Wanted - A New Generation Of Cyber Security Leaders:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Ransomware Gang Claims Responsibility For The Attack On Oakland
A 'Golden Pipeline' To Secure The Supply Chain »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

ProfitBricks

ProfitBricks

ProfitBricks is a secure cloud computing infrastructure-as-a-service (IaaS) solution.

Forcepoint

Forcepoint

Forcepoint provide a unified, cloud-centric platform that safeguards users, networks and data while eliminating the inefficiencies of managing multiple point security products.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

Australian Cyber Security Growth Network (AustCyber)

Australian Cyber Security Growth Network (AustCyber)

AustCyber brings together businesses and researchers to develop the next generation of cyber security products and services.

Towergate Insurance

Towergate Insurance

Towergate Insurance is a leading UK specialist insurance broker. Business products include Cyber Liability Insurance.

Sepio Cyber

Sepio Cyber

Sepio is the leading asset risk management platform that operates on asset existence rather than activity.

Lynx Technology Partners

Lynx Technology Partners

Lynx Technology Partners is a full service, full life-cycle risk-based security consulting firm.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

CYDES

CYDES

CYDES is the first event in Malaysia to showcase advanced solutions and technologies to address cyber defence and cyber security challenges for the public and private sectors.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.

Buguard

Buguard

Buguard is a multi-award-winning supplier of Application Security Assessments and GRC services.