Following George Osborne’s announcement of a significant escalation in the UK’s cyber security investment, it seems timely to analyse why private sector companies are still so vulnerable to cyber threats. According to the CEO of Skarbek Associates, it’s because they continue to see cyber-security as a technology issue and not as a holistic program that demands a response from the entire organisation.
Paul Heugh, CEO of Skarbek Associates said :
“It is pleasing to see the government prioritising investment in cyber-security, but that enthusiasm for betterment in this space doesn’t appear to have been sustained in the private sector. The majority of companies need a sweeping review of their cyber strategies. What we are seeing far too often is an approach to cyber-security that only considers the technology, when in fact the biggest threats to the viability of any cyber strategy exist offline.
“Leaders need to realise that, for example, their HR department is just as important as their IT department when it comes to implementing a cyber security strategy. The principal risks to a firm’s digital assets come from inside the organisation, and so good screening and management of staff should be a priority. Research consistently shows cyber-security strategies failing to be implemented and it is because there is no holistic view of an organisation’s vulnerability.
“The fact is that most leaders are not currently aware of or prepared for the multiplicity of threats facing their organisations. They need to have cross-functional, multi-faceted strategies that are rehearsed frequently in simulation exercises, called ‘war games’, which prepare employees across the entire organisation and teach them how to spot vulnerabilities.”
[su_box title=”About Paul Heugh” style=”noise” box_color=”#336588″]Paul Heugh is founder and Chief Executive Officer of Skarbek Associates. Previously he was Vice President, Global Strategic Projects for GlaxoSmithKline, sitting on the leadership team of the Global Consumer Healthcare business. There he was responsible for the successful alignment, planning and delivery of all major strategic programmes and projects including new product developments and launches, acquisitions and divestments and major transformational change.Paul is a recognised expert in both the execution of major programmes, and in building the leadership and project management capability to deliver them. He has over 20 years experience of successful strategy implementation. This includes managing the large-scale transformation of companies in India and Central and Eastern Europe, enterprise-wide business change, multi billion pound new product pipelines, leadership development, capability building and organisational alignment.
Paul’s international experience spans four continents, from leading projects for business entry to the Central Asian Republics to establishing joint ventures with Middle Eastern partners. He has also developed world-class training programmes in project management and leadership, training thousands of people across the globe to deliver successfully.Before his business career Paul served in the British Army. He holds a Master’s degree in Business Administration.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.