From the Break Room to the Board Room: creating a culture of cyber security in the workplace – a start-up’s perspective
October 14, 2016
This October, we’re supporting National Cyber Security Awareness Month as an official champion. NCSAM is celebrated every October and marks a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.
No matter how many faces fill your boardroom, we all encounter familiar challenges within those four walls. Extroverts, strategic thinkers, disruptive personalities, seasoned ‘lifers’. They’re there to keep it interesting. You’ll also come across similar characters in the break room. So, whether or not there’s a difference between how colleagues behave in each of these environments, how do we introduce cyber security into the water cooler culture?
Careless talk costs lives
Common issues that risk weakening your security posture often lie with the human factor, or the ‘insider’. What are often considered as small, insignificant actions on their own usually have the potential to cause widespread damage at an organizational level. Forwarding emails to personal accounts, using company credentials to subscribe to online platforms, sharing passwords for team accounts. The difference is that the c-level execs will probably agree to prioritizing your cyber security strategy in the board room, but how many walk the talk in the break room?
Trust plays a fundamental role in establishing and developing any company culture, and yet it’s never guaranteed. Blueliv approaches cyber security from the outside in, so let’s think about the insider threat from a different angle. Integrating one or more sources of external threat intelligence into your cyber security strategy helps reinforce internal efforts to educate and raise awareness of colleagues’ responsibilities. Not only does an external threat intelligence solution enable an organization to detect threats outside the corporate network, it can also significantly contribute towards improving incident response times and ensuring business continuity in the event of a breach.
Approaching the topic of cyber security from a different perspective can also emphasize the relevance to employees’ lives outside of the workplace – the trick is to encourage people to take responsibility for their information irrespective of the context.
Strength in numbers
The Blueliv team is relatively small, yet mighty. As a start-up that has seen rapid expansion in the last six months, we are currently in the process of learning more and more about what company culture means to us. A handful of common factors define an organization’s culture, no matter how many colleagues you have; communication, shared responsibilities, shared passion and shared beliefs.
The Blueliv cyber security solution was originally developed as a result of thinking outside the box. So with that in mind, we encourage you to think outside of the box when it comes to establishing and sustaining your culture of cyber security and consider how these common factors are also typical of why cybercriminal organizations are successful. The bad guys know the importance of strong communication, and their operations boil down to shared passion and shared belief that culminate in a shared responsibility to make an impact, not as individuals, but as a strong, collaborative community. Above all, there is strength in numbers. CISOs, take note.
Encourage the extroverts to champion your cyber security initiatives and explain in plain terms the value of a holistic solution. Tailor the discussion depending on who you’re trying to engage; strategic thinkers, disruptive personalities and seasoned ‘lifers’ included. Adopt the behaviors that define a strong culture in the board room, and they’ll soon filter through to the break room, too.