Privacy & Security CompTIA paper helps firms to build a cyber security culture Howard Solomon @HowardITWC Published: July 3rd, 2018Cyber security is on the minds of most members of boards and the C-suite. However, there are still many other organizations that don’t know where to start, or leave it to the IT staff to figure it out. That’s a mistake because it’s vital to create a culture of cyber security, and that has to start at the top.CompTIA, the computing industry’s trade and IT certification association, has issued a white paper for executives on how to build that culture. “Security can no longer be thought of as a technical problem with a technical solution,” says the paper.”It must be treated as a critical business concern.”It outlines six guiding principles that will enable senior leaders to assess and improve their organization’s approach to cybersecurity:— Integrate cybersecurity into your business strategy;–The corporate structure should reinforce a culture of cybersecurity;–Remember, your employees are your biggest risks;–Detection first is vital: The longer it takes to detect a data breach, the more expensive the data breach becomes;–Make it easy on yourself: Collect only the data you need, share only what you have to;–Develop robust contingency plans, and test them; Related Articles Six cyber security questions a board should ask the CISOThe answer to the question 'Who is responsible for cyber security in an organization?' is debatable. It ranges from --everyone,... November 29th, 2017 Howard Solomon @HowardITWC The evolving role of CIOs and how the board can spark transformationBy Betsy S. Atkins The past few decades have seen an explosion in the number of C-level roles at the... October 3rd, 2017 IT World Canada Staff @itworldca The worst presentation CISOs make to boards (and how to avoid it)SAN FRANCISCO – For a CISO arguably it’s a toss-up over which is worse: Learning there’s been a network intrusion,... February 21st, 2017 Howard Solomon @HowardITWC “To transform your company culture so that it truly embraces cybersecurity, senior leadership must view it as part of the broader risk management process, rather than jettisoning it off as a technology problem with a technology solution,” the association advises.“Instead of blaming individuals for issues, always look first to the corporate structure. Are employees encouraged to hide mistakes, or investigate and address issues? Is your cybersecurity department adequately resourced to address challenges, or is the team encouraged to cut corners and deliver at ever-increasing speeds with an ever-depleted budget? The most successful cybersecurity approaches are not necessarily the most expensive, but they do require persistence, attention, and prioritization.” Would you recommend this article?00 Thanks for taking the time to let us know what you think of this article! We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →Jim Love, Chief Content Officer, IT World Canada Related Download Sponsor: CanadianCIO Cybersecurity Conversations with your Board – A Survival Guide A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA Download Now Privacy & Security CompTIA, security strategies