It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology. In responding to a cyber and data security risk profile, laypersons expect to hear a lot about technology-driven solutions. In fact, a lot of time is spent reviewing, assessing and selecting specific solutions to incorporate into an overall security framework.
Chief Information Security Officers that rely on these solutions, without addressing the human element, are missing the most important ingredient to any cyber compliance program. Just to state another profound grasp of the obvious – humans/employees are responsible for executing business functions and ultimately, a cyber compliance program has to incorporate strong human focused controls.
This sounds like a lot of mumbo jumbo. Let me try and boil this down. Humans have to design and implement cyber-focused controls. Humans have to communicate about these controls to ensure that everyone follows the specific protocols. Cybersecurity professionals have demonstrated strong interpersonal skills, even though they operate in a…
