Technology is necessary in addressing cyber threats but it cannot work independent of complementary factors such as policy guidelines, information sharing on threats, and user awareness. Indeed, developing a cyber-security culture achieves two important objectives: 1) it intertwines security practices with business operations in order to improve an organization's security posture, and 2) it demonstrates that security is not a function relegated to an understaffed and underfunded IT department.

Establishing a cyber-security culture advocates the need that everyone – including executive leadership and management – has an equal part in cyber-security, which is essential for bolstering an organization’s resiliency.

Read Full Article