“An organization’s ability to learn, and translate that learning into action rapidly, is the ultimate competitive advantage.” – Jack Welch, former CEO of General Electric
Last week we referenced the NIST Cyber Security is Everyone’s Job, which stated: “Deep technical knowledge is not required from leaders; rather, they should model good personal security habits based on sound guidelines.” This week we dive into those two recommendations.
As kids, we avoided the bogeyman by hiding under the covers and relied on our guardians and parents to check the closet, under the bed, and assure us that the nightlight would stay on. Ironically many business leaders see cyber management as our corporate guardians and continue to treat cyber risk as mysterious, even scary. We perpetuate this theory by reserving “Incident Response” for IT leaders and Cyber Security Experts.
But we are not kids under blankets anymore.
Understanding best practices and cybersecurity basics such as industry frameworks and legislation, creating and reviewing policies and standards will get us out from under the covers and side by side with our IT counterparts. It is your opportunity to learn and “translate that learning into action rapidly”. Courses such as CertNexus’ IRBIZ prepares non-technical leaders about incident response methods, best practices, and procedures that align with industry frameworks so that you have an entire organization watching and protecting from the bogeyman.
Modeling is what you as a leader do naturally. But are you doing that for cybersecurity? Even if you are still working on establishing policies and protocols, you can run your own campaign of modeling in parallel.
- LEARN what to model. View CyberSAFE compliance eLearning as a guide and encourage your employees to do the same even if it is not yet a requirement.
- DISPLAY your knowledge. Post credentials on social media and company sites. Encourage others to do the same.
- CHALLENGE others by sharing readiness tests. Or run a compliance campaign using phishing programs to reward people who resist phishing emails the most!
- ENGAGE in conversations about CyberSAFE. Have fun with it! Something a simple as leaving a post-it-note thanking employees for locking their computers when walking away from desks can add awareness.
- SMILE when you are asked for that two-factor authentication instead of groaning. (Remember when we had to walk to a bank to deposit money or rely on a passbook for a balance? Waiting for a code to enter REALLY isn’t that bad!)
Get Ready for the future! Knowing how new technologies work not only will expand your knowledge, but also provide context for their impact on security. IOTBIZ and AIBIZ provide additional learning to gain that “competitive advantage” when it comes to emerging technologies such as the Internet of Things, Artificial Intelligence and Machine Learning… More to come!