Educating an organisation with basic awareness training is vital. As the attacks become more sophisticated we need users to act as a control; noticing potential incidents and reporting them for investigation. This will reduce the cost of the cyber reaction through early identification and minimal error in initial response. Every single employee has a responsibility to help reduce spend on cybersecurity. As it becomes more socially acceptable for companies to experience incidents the users will look for the supporting processes as a way to ensure confidence is maintained and a chance provided to the company that experiences the event.
We also need to start to be honest and open with each other about the impact that cyber has to our economy by recording and quantifying security incident impacts. This is a great way to show the benefit of security spend to any Board member.
To underscore the urgency of this matter I would like to call for all industry security experts from around New Zealand to contact me directly on David.Kennedy.NZ@gmail.com.
I will take it upon myself to ensure we are working together to develop a mechanism to address risk and obtain budgets for business growth. I promise to work with each and every one of you to build a network, work together, share information and enable you to have a process for providing a workable security posture to present to your management.
Sign up for CIO Asia eNewsletters.