Scooped by Karl Wabst
onto Business Transformation

The SEC Will Be Looking at Companies' IT Security and Data Breach Response Policies -- Is Your Company's Up to Date?

Recent statements from the SEC indicate that the new standard of care for companies may require policies in place for (1) prevention, detection, and response to cyber attacks and data breaches, (2) IT training focused on security, and (3) vendor access to company systems and vendor due diligence.

Karl Wabst's insight:

You can have great security policies. They can even be as current as humanly possible. You are likely to be hacked. If auditors observe your people doing their jobs the way they normally do them, you are likely to fail a security audit.

Be honest, does your staff know your security policies? Do they follow them? Yeah, right.

The issue is that your people don't understand why. What’s in it for them? You pay them to get a job done. Following a security policy is not as important as getting the widget shipped on time. That’s how you make money.

Unless the people, including systems administrators and the CEO, understand why they are following the rules, they will break them. If people are not rewarded in ways that matter to them, security will always be second to the widgets.

The people factor in security is complex. Don't underestimate the ability of your people to find a way around controls. In business, we reward bending and breaking rules. Some call it innovation.

People are not computers. Help them understand why and listen to their ideas and pains. They can find creative ways to be secure and innovative. 

Business Transformation
Corporate and Business Strategy and Execution in the Post Industrial, Digital Economy. Want to know more? Visit me on LinkedIn: www.linkedin.com/in/karlwabst/
Curated by Karl Wabst