In my latest article for SecurityWeek I share one of the things I've learned over two-plus decades in this industry; you can’t leave security as the sole domain of just a few and expect to be successful. As threats and vulnerabilities continue to evolve, it is incumbent upon organizations to empower all of their employees to take an active role in their own network security. There are still too many who mistakenly view security as a point-in-time activity rather than a process, leading to a breakdown in the level of vigilance needed in order to create an effective security culture.
So how do we combat this behavior and get everyone thinking more seriously about security? First, put the data in the hands of everyone. Security shouldn’t be a secret. While I fully understand and expect that certain aspects of protocols and architecture will remain confidential, this doesn’t mean that users shouldn’t be educated on security best practices and instructed on how to recognize and prevent malicious behavior.
Please visit this link to read the rest of the article: http://www.securityweek.com/everyone-security-manager
Mark Hatton, President, CEO