Page 53 - Ramco JO SACCOStar _Vol 50.indd
P. 53

OPINION

                                                                           Build a
                                                                       CULTURE of
                                                                    CYBERSECURITY

                                                                           in your
                                                                     ORGANIZATION

   By Pauline Omollo,                                               An organization’s security culture requires care and feeding. It is
   Director of Sales and Operations at Protec Kenya                 not something that grows in a positive way organically. You must
                                                                    invest in security culture. A sustainable security culture is bigger
    - “We don’t need security.’’-                                   than just a single event. When a security culture is sustainable,
                                                                    it transforms security from a one-time event into a lifecycle that
With our modern dependence on technology and                        generates security returns forever.
                security, nobody would dare make this statement.
                Everyone knows how crucial security is and how it   Sustainable security culture has four defining features. First, it is
must be embedded into everything an organization does.              deliberate and disruptive. The primary goal of a security culture
                                                                    is to foster change and better security, so it must be disruptive
Security culture is what happens with security when people are      to the organization and deliberate with a set of actions to foster
left to their own devices. Do they make the right choices when      the change.
faced with whether to click on a link? Do they know the steps
that must be performed to ensure that a new product or offering     Second, it is engaging and fun. People want to participate in
is secure prior to ship? Take a stroll to the Information Security  a security culture that is enjoyable and a challenge. Third, it is
department in any organization and you'll hear about the latest     rewarding. For people to invest their time and effort, they need
blunder an employee made that resulted in lost data. Security       to understand what they will get in return. Fourth, it provides
is widespread and mainstream, but security culture has not kept     a return on investment. The reason anyone does security is to
pace with the threat landscape.                                     improve an offering and lower vulnerabilities; we must return a
                                                                    multiple of the effort invested.
Every organization that summons the power of the crowd
needs to acquire and develop a sixth sense for cyber threats        Let’s put a culture of security in place across your entire
that is generally lacking in their counterparts. It happens when    organization. There’s something every employee can do, and
every employee hones their capabilities for practising sound        every functional leader can adopt to embed cybersecurity
cybersecurity defence. More importantly, it occurs when the         into the daily fabric of the workplace, to bring the might of the
role of cybersecurity becomes so inextricably intertwined in the    12th Man to the cybersecurity field and the sixth sense of the
day-to-day job of every employee that the collective sixth sense    collective herd to the first -order fight of the digital sphere.
of the organization amplifies the detection of threats before
irreparable damage can ensue.

                                                                    SACCO Star Magazine | 51
   48   49   50   51   52   53   54   55   56   57   58