To stand a chance in the fight against cybersecurity threats, Peluso says businesses need to focus on “end user education and training.” That means giving IT time to develop internal or external training programs for products and services and to create a culture that embraces security.
“This education cannot be a once-a-year training course, but rather must be pervasive throughout your company culture. In the absence of security education or experience, people — employees, users, and customers — naturally make poor security decisions with technology,” he says.
Expectations versus reality
The survey found that IT pros enjoy modernizing technology, troubleshooting or assisting users and planning or strategizing. However, respondents estimated that they spend, on average, only 11 percent of their time on “IT planning and strategy,” and 13 percent on “modernizing technology.”
While day-to-day issues in IT will never go away — there will always be hardware to deploy, software to update and help desk tickets to attend to — there are ways you can ease some of the grunt work in IT.
“The secret here is to identify and automate those time-consuming, repetitive tasks that are sapping your organization’s ability to focus on more business-critical issues and find ways to automate them,” says Peluso.
Creating time for your IT staff to focus on innovation and cybersecurity can help your IT workers spend more time on projects they care about — such as modernizing business technology and safeguarding the business against attacks. A little automation can go a long way — and it will all be worth it the next time your business escapes another major data breach unscathed.
“To avoid becoming the next data breach headline — which surface nearly daily — organizations need to prioritize cybersecurity controls and training. When IT workers fail to devote adequate time to devising a security strategy, they open themselves up to harmful threats like ransomware, malware, and even inside attacks,” says Peluso.
Sign up for CIO Asia eNewsletters.