The Washington Post’s 2/4/2014 article on ‘Senate cybersecurity report finds agencies often fail to take basic preventive measures’ brings up two interesting points from Michael Daniel, special assistant to the president on cybersecurity policy.
1) Why does every organization need their own cyber incident to realize the seriousness of the issue? How much money, pain, and bad press could we all save by learning from others that are impacted – esp in a situation that we are not lost for examples to look at?
2) The concept of Awareness – this is so important throughout any organization. As is the education of all employees and what their role is in the Cybersecurity program of an enterprise.
Cybersecurity is an organizational and cultural change that needs to be understood throughout an enterprise. Organizations need to understand this is an issue that affects their financial bottom line – whether that is money or bad PR – not just their networks.