Tuesday, October 23, 2018
  • Cybersecurity Best Practices Calls for Penetration Testing
  • Bug Spells Doom for Nearly-Vacant Google+ Network
  • 35 Million U.S. Voter Records Available for Sale on Hacker Forum
  • Incident Response Basics: Getting started with DFIR
  • Women in Information Security: Jennifer Fernick

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Security Bloggers Network 

Home » Security Bloggers Network » Cybersecurity Is Everyone’s Job

Cybersecurity Is Everyone’s Job

by Maurice Uenuma on July 2, 2018

As we all know by now, the human factor is crucial to enterprise security. Cyber attacks routinely exploit vulnerable human behaviors to gain entry, since organizations must trust their own people—or at least some of them—with access to critical systems.

Humans make decisions on risk tradeoffs, funding for security programs, adherence to policies, and hiring, factors which impact the organization’s security posture in many ways. From the newest intern to the chief executive, all members hold the power to harm, or to help, the security of sensitive data and essential systems.

Acknowledging this is a necessary but insufficient step. The humans we rely on must know what to do about all of this. Given that cybersecurity is neither the expertise nor passion of most people, there must be an easy-to-understand and easy-to-do set of actions that everyone can perform to do their part.

It turns out that for all of the resources available on security awareness and training, there is precious little available on security guidance for employees based on their business functions. That is, guidelines for people based on their job role: security guidelines for Finance and Administration professionals or security guidelines for Legal & Compliance workers.

It was to address this need that the Workforce Management subgroup of the National Initiative for Cybersecurity Education (NICE) launched a project to draft guidelines for all members of an organization based on business function.

NICE is a program of the National Institute of Standards and Technology (NIST), the lead federal agency for maintaining the Framework for Improving Critical Infrastructure Cybersecurity (commonly known as the Cybersecurity Framework, or CSF), among other standards. (Many readers may also be familiar with NIST for the Special Publication 800 series, which provides detailed technical standards for security.)

The Workforce Management subgroup, part of the (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Maurice Uenuma. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/cybersecurity-is-everyones-job/

July 2, 2018July 2, 2018 Maurice Uenuma Cyber Security, Cybersecurity, Featured Articles
  • ← Women in Information Security: Rebecca Herold
  • Phishing Campaign Uses TLS Certificates to Impersonate Netflix and Steal Users’ Account Credentials →
Featured Blog

Fortinet All Blogs

How CISOs Can Maintain Corporate Privacy as Employees Adopt Emerging Technologies

Fortinet All Blogs

An Analysis of Microsoft Edge Chakra JavascriptArray TypeId Handling Memory Corruption (CVE-2018-8467)

Fortinet All Blogs

Using Location Analytics to Improve Your Business

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

6 DevOps Security Challenges to Overcome
New Attacks Reuse Malware Code from Dormant APT1
BlackEnergy Successor Hits Energy Companies Since 2015
Schneier: Security Tough in the ‘Computerization of Everything’
Insider Threat: FinCEN Insider Bares Treasury Secrets
How Are You Celebrating National Security Awareness Month?
How to remove fileless malware
Fighting mobile banking threats with threat intelligence | Avast
RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin
Here are all the countries where the government is trying to ban VPNs

Upcoming Webinars

Mon 29

Seeing Red: Understanding Red Team Security

October 29 @ 1:00 pm - 2:00 pm
Wed 31

Beyond S3 Buckets – Effective Countermeasures for Emerging Cloud Threats

October 31 @ 11:00 am - 12:00 pm
Nov 07

Operationalizing Data For Fraud Investigations

November 7 @ 1:00 pm - 2:00 pm
Nov 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The State of Security RSA Special Report

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

ASan and Beyond: Harnessing the Potential of the Masses to Fight Cybercrime
Cybersecurity Industry Spotlight Security Boulevard (Original) Threat Intelligence 

ASan and Beyond: Harnessing the Potential of the Masses to Fight Cybercrime

October 22, 2018 Ronen Slavin | Yesterday 0
6 DevOps Security Challenges to Overcome
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

6 DevOps Security Challenges to Overcome

October 19, 2018 Gilad David Maayan | 4 days ago 0
Keeping Data on a Short Leash to Avoid Breaches
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Keeping Data on a Short Leash to Avoid Breaches

October 18, 2018 Bill Alderson | Oct 18 0

Top Stories

FreeRTOS Flaws Puts Many IoT, ICS Devices at Risk
DevOps Featured IoT & ICS Security News Security Boulevard (Original) Spotlight 

FreeRTOS Flaws Puts Many IoT, ICS Devices at Risk

October 22, 2018 Lucian Constantin | Yesterday 0
FireEye Focuses on Email Security Analysis with Free Offering
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

FireEye Focuses on Email Security Analysis with Free Offering

October 22, 2018 Michael Vizard | Yesterday 0
New Attacks Reuse Malware Code from Dormant APT1
Endpoint Featured Malware News Security Boulevard (Original) Threat Intelligence Threats & Breaches 

New Attacks Reuse Malware Code from Dormant APT1

October 19, 2018 Lucian Constantin | 3 days ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.