Cyber Security

Cybersecurity Awareness Month: Championing a Culture of Security

Share this post:

IBM’s X-Force Command Center CTOC mobile unit.

October is Cybersecurity Awareness Month in many places around the world – so it is a great time to reinforce the importance of championing a culture of security, both inside IBM, and with our clients worldwide. Supporting smart habits in the workplace can go a long way in preventing cyber incidents that might lead to financial and reputational loss for corporations, governments and individuals alike.

The threat landscape is changing quickly, and organizations are ramping up efforts to thwart potential insider threats, bridge IT security gaps, manage shifting privacy regulations and prepare for recovery if they fall victim to an incident. No one is immune from a breach. Leaders at IBM and elsewhere are continually revisiting cybersecurity methods around the world to protect ourselves, our clients, and their end-users.

It Takes a Village

While most organizations deploy teams of security professionals to protect and secure their systems and data, it takes a village to help prevent cyber attacks. Security leaders can set the standard, but creating and maintaining a true culture of security means that cybersecurity is woven into every corner of the business.

As organizations invest in their technical controls – from continuous threat monitoring, to security vulnerability testing, to enhanced cybersecurity capabilities backed by AI and Machine Learning – educating and testing the workforce remains key to any security program’s success. After all, one quarter of all data breaches last year were caused by human error. One key area for education and testing is spotting phishing emails, which account for a very high percentage of security incidents. As part of our enablement program, IBM regularly tests employees with fake phishing links to help them identify real scams in the future.

Consider how your employees learn best and then invest in consumable, role-based education and situational awareness exercises. Rehearsing real-time responses to security incidents can be as simple as getting business and technical leaders in the same room to discuss plans and roles, or as comprehensive as using an immersive experience that simulates cyber incidents and responses. At IBM, for example, we have the Cyber Range X-Force Command Center that demonstrates the interdependencies between various business functions and security. The result is a strengthened muscle memory for better performance during an actual cybersecurity event.

An effective culture of security also involves regularly reminding employees about using strong passwords, offering online learning classes around corporate device and data management, and how to appropriately share sensitive or otherwise confidential information with third parties. Highlighting secure practices in employee communications related to newsworthy incidents or seasonal junctures (filing taxes, holidays, etc.) can also serve as good reminders and drive positive outcomes.

Thinking Bigger

Ensuring that everyone knows they have a role to play in cybersecurity will help make organizations more inherently resilient for the long-term. From the boardroom, to the back office, to operations, a well-rounded culture of security should provide employees in all roles, levels and locations with the proper knowledge and tools to contribute to cybersecurity. From there, organizations can move at the speed and scale they require, knowing that cybersecurity is built into every piece of the business.

Here at IBM Security, over 9,000 employees help design and deliver some of the most advanced and integrated enterprise security products and services in the industry. In October, and year-round, our teams recognize that cybersecurity is crucial to IBM’s mission as an organization, because trust and security are the bedrock that our clients count on.

BISO and Vice President of Services Solution Design, IBM Security

More Cyber Security stories

The World Needs More Volunteers, Here’s How Employers Can Help

We celebrate the spirit of volunteerism on International Volunteer Day, December 5, by recognizing the contributions of those who give back to schools, communities, and people in need. Imagine what a difference it would make it we could focus on altruism year-round and keep it going. Working together, we can. Many do what they can […]

Continue reading

Delivering Great Content in the Form of a Film About an Unlikely Hero

Modern marketing continues to evolve and so does the role of the modern marketer particularly in content marketing. Traditionally, we create content to share news, tell stories about products or services and to drive brand favorability and awareness. IBM has been using content to connect with audiences since the launch of Think magazine in the […]

Continue reading

The University of Ottawa and IBM Team On Cybersecurity Research

In our increasingly interconnected world, improving cybersecurity and safety has reached a critical point as threats and attacks become more sophisticated and insidious. According to the World Economic Forum, cybersecurity breaches have grown by 67 percent over the past five years alone. We’ve all heard about or perhaps experienced firsthand the repercussions of such acts: […]

Continue reading