Cybersecurity Is No Longer The Sole Responsibility Of IT Specialists 

While cybersecurity used to be a topic and responsibility reserved only for the IT team, we’re seeing the industry shift to a mindset of collective resilience: one where the entire company has a role to play when it comes to cybersecurity, and the weight of cyber risk or even a data breach doesn’t rest solely on the shoulders of the CISO.

While there’s still a lot to be done, there are positive steps being made towards more cross-industry collaboration, less pressure on the role of the CISO, and an opportunity not only for cybersecurity vendors to increase their business, but also for employees across the globe to gain a better understanding and appreciation for the importance of cybersecurity.

Rebalancing Responsibility 

Given the rising frequency of cyber-attacks around the globe, it’s not surprising to see a move to strengthen overall resilience. Cybersecurity is relevant to all industries, all businesses and all job roles, so business-wide resilience has to be a top priority. Despite challenges, the private and public sectors are working to spread the burden of cybersecurity, both through education and awareness and through regulations and policies.

The latest example of this is the new US National Cybersecurity Strategy from the Biden-Harris Administration, which plans to focus on “rebalancing the responsibility to defend cyberspace” and taking the burden away from individuals and small businesses. Although the implementation of these plans is not yet clear and there’s no certainty on what will change, the release of the strategy has prompted discussion around how to handle liability when it comes to a cyberattack. 

Preventing Burnout

It’s well known in the industry that CISOs have some of the highest-pressure jobs, and that this often leads to burnout. A 2022 survey highlighted stress and burnout as the most significant personal risks CISOs are facing in their role.

Whilst CISOs will always have a responsibility for the cybersecurity of their business, organisations as a whole are engaging more with cybersecurity, meaning there’s better understanding from the C-Level as well as from employees across all departments. Accenture’s latest State of Cybersecurity report states that 70% of organisations include cybersecurity as an item for discussion in every board meeting.

The relationship between the CISO and the Board and leadership team impacts the overall approach to cybersecurity from the entire company. For example, the same Accenture report noted that CISOs in a group dubbed “Cyber Champions” were more likely to report to the CEO and the Board as well as have a far closer relationship with the CFO. What’s more, when it comes to budget authorisation, only 19% of those “Cyber Champions” had their budgets authorised by the CEO or the Board, meaning the majority had autonomy over what they spend their budget on. 

With increased recognition that cybersecurity is not the sole responsibility of one person or one team, we’ll hopefully continue to see the burden on CISOs reduced as well as more involvement and ownership from other senior leaders. 

The Opportunity For The Industry

As we see more businesses take note of cybersecurity, it’s likely there’ll also be a broader impact on other businesses in the market, including vendors. 

With the current economic and cost of living crisis, purse strings are being tightened across organisations. However, with awareness of the impact a cyber-attack or data breach can have on a business, and the relationship between CISOs and the C-Level getting stronger, it’s likely we’ll see more budget going towards cybersecurity solutions, with an emphasis on those that augment the job of the security team, as well as those that educate the wider business.

On the whole, a continued path to collective resilience, spreading responsibility for cybersecurity, is a positive sign for the industry. However, as hackers become ever more sophisticated and the frequency of cyber-attacks continues, it’ll be vital that cyber strategies remain agile and continue to adapt to an ever-changing threat landscape, and that everybody knows what role to play.

Emily Quick is Account Director and cybersecurity specialist at The PHA Group.
