You Can’t Put a Firewall on Everything

On: January 27, 2014
One of the signs of a privacy and security awareness program that is working is an increase in employees reporting security-related events.

One of the signs of a privacy and security awareness program that is working is an increase in the reporting of security-related events by the organization’s employees. In fact, it’s one of several good awareness metrics for measuring the effectiveness of a security program. That matters because there are many aspects of an organization’s security posture that cannot be addressed by technology. Certain BYOD behaviors, tailgating, unsecured workspaces, and many other things come to mind. You just can’t put a firewall on everything.

To address these privacy and security challenges, some of the more astute companies are reinforcing their awareness programs with the equivalent of a neighborhood watch, moving security enforcement out into the grassroots of the organization. And it works. When security awareness becomes an organizational habit, people begin to notice things that would otherwise go undetected. When all employees are responsible not only for their own behaviors, but also those of their co-workers, you can be sure that behavioral errors that might compromise the organization’s security will be caught and corrected.

The benefits of such mutual accountability are obvious, but admittedly not so easy to instill. Real behavior change requires a change to the corporate culture. It takes making privacy and security awareness a priority that receives more than lip service. It takes moving beyond the trap of mere compliance. In today’s high-stakes climate of increasingly sophisticated cybercrime, a strong culture of security awareness is simply no longer an option. Ready to learn more? Here’s a great place to start.

Share this Article

Related Articles

Explore some tips for wrangling data your organization may already collect to enhance your security or privacy employee awareness program
White Paper: Using Data to Inform Your Awareness Program
MediaPro Chief Strategist Dr. Tom Pendergast presents some tips for assessing the maturity of your current awareness program.
Video: MediaPo Best Practices: Assessing the Maturity of Your Awareness Program
Read our newest eBook on how the NIST Cybersecurity Framework can be used to improve security awareness.
eBook: How the NIST Cybersecurity Framework Improves Security Awareness
The annual Verizon Data Breach Investigations Report serves up as many learning moments as it does troubling InfoSec statistics this year.
The More You Know: 5 Lessons from the 2016 Verizon Data Breach Report