Winning the security fight: Tips for organizations and CISOs


For large organizations looking to build a robust cybersecurity strategy, failure to get the fundamentals in place practically guarantees a disaster.

If you ask Matthew Rosenquist, a former Cybersecurity Strategist for Intel (now independent), overcoming denial of risk, employing the right cybersecurity leader, and defining clear goals are the three most critical objectives for avoiding a negative outcome.

Getting things right

“Every organization, large and small, begins with a belief they are not at significant risk. This denial is dangerous and can persist even when attacks occur,” he told Help Net Security.

This denial must be addressed with facts and critical thinking and, once leadership accepts the need for cybersecurity and the responsibility for addressing related risks, they must find and employ a good cybersecurity leader.

Rosenquist warns against employing experts from unrelated domains.

“Far too often organizations believe cybersecurity leadership is a simple project management or technical role and that, therefore, just about anyone could be successful in it. I have seen excellent human resources, marketing, engineering, and finance managers be…
