Business Leadership Is First On CISA Cyber Essentials Toolkits
Following their Cyber Essentials resource, CISA has rolled out an additional six Cyber Essentials Toolkits. The first takes a macro view of organizational security by looking at the leader’s role in encouraging a secure workplace.
The role that C-level organizational members play in cybersecurity cannot be overstated. According to a recent survey of corporate technology officers conducted by the Wall Street Journal, companies that conducted executive-level training were more likely to take the necessary steps in developing a cybersecurity program:
- Identification and protection of critical data (84% over the 72% average)
- Insurance coverage (63% over 51%)
- Implementation of an incident-response plan (84% over 70%)
The bottom line?
Business leadership needs to set an example for everyone in the organization. That’s why it’s the first of CISA’s Cyber Essentials Toolkits.
What Role The Leader Play In Cybersecurity Culture?
According to CISA, the leader of a business is an essential element of that organization’s “Culture of Cyber Readiness.” Engaging in this specific culture requires following CISA’s essential actions:
- Lead investment in basic cybersecurity
- Determine how much of their operations are dependent on IT
- Build a network of trusted relationships with sector partners and government agencies for access to timely cyber threat information
- Approach cyber as a business risk
- Lead development of cybersecurity policies
And while much of these actions may be taken and managed by IT professionals and other subordinates, the direction to do so and the culture that surrounds them begins with the leadership. CISA notes that leaders that want to develop a Culture of Cyber Readiness need to lead the charge by:
- Driving cybersecurity strategy, investment, and culture
- Being aware of the basics that promote cybersecurity and incorporating them as a part of the strategy of operational resilience, all of which requires time and money
- Investing these resources and motivating actions and activities that build and sustain a culture of cybersecurity
In a nutshell? If you devote resources like time and money towards the implementation of cybersecurity technologies and the development of business-wide cybersecurity awareness, it will all promote a Culture of Cyber Readiness.
And while this is your role to fill, that’s not to say you have to do it independently. Kraft Technology Group will help you assess your vulnerabilities, determine necessary changes to promote cybersecurity and provide you with tools to help develop your culture.