Monday, September 28, 2020
  • Troubleshooting the JumpCloud Agent Remotely
  • APWG: SSL Certificates No Longer Indication of Safe Browsing
  • DEF CON 28 Safe Mode Blue Team Village – Connor Morley’s ‘OuterHaven: The UEFI Memory Space Waiting To Be Misused
  • Backdoor Obfuscation: tempnam & URL Encoding
  • Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 296’

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Cybersecurity Is Everyone’s Job

Cybersecurity Is Everyone’s Job

by Maurice Uenuma on July 2, 2018

As we all know by now, the human factor is crucial to enterprise security. Cyber attacks routinely exploit vulnerable human behaviors to gain entry, since organizations must trust their own people—or at least some of them—with access to critical systems.

Humans make decisions on risk tradeoffs, funding for security programs, adherence to policies, and hiring, factors which impact the organization’s security posture in many ways. From the newest intern to the chief executive, all members hold the power to harm, or to help, the security of sensitive data and essential systems.

Acknowledging this is a necessary but insufficient step. The humans we rely on must know what to do about all of this. Given that cybersecurity is neither the expertise nor passion of most people, there must be an easy-to-understand and easy-to-do set of actions that everyone can perform to do their part.

It turns out that for all of the resources available on security awareness and training, there is precious little available on security guidance for employees based on their business functions. That is, guidelines for people based on their job role: security guidelines for Finance and Administration professionals or security guidelines for Legal & Compliance workers.

It was to address this need that the Workforce Management subgroup of the National Initiative for Cybersecurity Education (NICE) launched a project to draft guidelines for all members of an organization based on business function.

NICE is a program of the National Institute of Standards and Technology (NIST), the lead federal agency for maintaining the Framework for Improving Critical Infrastructure Cybersecurity (commonly known as the Cybersecurity Framework, or CSF), among other standards. (Many readers may also be familiar with NIST for the Special Publication 800 series, which provides detailed technical standards for security.)

The Workforce Management subgroup, part of the (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Maurice Uenuma. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/cybersecurity-is-everyones-job/

July 2, 2018July 2, 2018 Maurice Uenuma Cyber Security, Cybersecurity, Featured Articles
  • ← Women in Information Security: Rebecca Herold
  • Phishing Campaign Uses TLS Certificates to Impersonate Netflix and Steal Users’ Account Credentials →

TechStrong TV – Live Streaming

TechStrong TV - All Episodes
Featured Blog

blubracket

Git it right—How hackers exploit Git misconfigurations & what to do about it

blubracket

Uncovering Secrets in Code—A Case Study

blubracket

BluBracket Adds Stolen and Leaked Code Detection, Remediation to its CodeSecurity Suite

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

IBM Launches Security Assessment Service Focused on Business Risk
The FINCEN Files Leakage
Data Recovery: Averting Disaster in the New Normal
Who Owns Open Source Security?
CSA Report Surfaces Cloud Attack Patterns
Cybersecurity Risk Management Process
Government Services Firm Tyler Technologies Hit by Ransomware
Fighting Smoke with Open Source
Cloud Workload Security Needs a Proactive Approach to Processes and Technology
The Top 5 Needs of DAST Testing

Upcoming Webinars

Tue 29

Step-by-Step Guide to Protecting Web Apps with Google reCAPTCHA

September 29 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

IoT Security: Don’t Sacrifice Data for Usability
Cybersecurity Industry Spotlight IoT & ICS Security Security Boulevard (Original) 

IoT Security: Don’t Sacrifice Data for Usability

September 28, 2020 Christos Kalantzis | 15 hours ago 0
Who Owns Open Source Security?
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

Who Owns Open Source Security?

September 25, 2020 Robert Former | 3 days ago 0
Data Recovery: Averting Disaster in the New Normal
Cybersecurity Incident Response Industry Spotlight Security Boulevard (Original) 

Data Recovery: Averting Disaster in the New Normal

September 24, 2020 Shridar Subramanian | 4 days ago 0

Top Stories

CSA Report Surfaces Cloud Attack Patterns
Cloud Security Cybersecurity Featured News Security Boulevard (Original) Spotlight 

CSA Report Surfaces Cloud Attack Patterns

September 25, 2020 Michael Vizard | 3 days ago 0
IBM Launches Security Assessment Service Focused on Business Risk
Analytics & Intelligence Cybersecurity Featured Governance, Risk & Compliance News Security Boulevard (Original) Spotlight 

IBM Launches Security Assessment Service Focused on Business Risk

September 24, 2020 Michael Vizard | 4 days ago 0
Feds Yell PATCH NOW over Windows AD ‘Zerologon’ Vuln
Cybersecurity Data Security Featured Governance, Risk & Compliance Incident Response News Security Awareness Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

Feds Yell PATCH NOW over Windows AD ‘Zerologon’ Vuln

September 22, 2020 Richi Jennings | Sep 22 0

Security Humor

via   the respected information security capabilities of  Robert M. Lee   & the superlative illustration talents of  Jeff Haas  at  Little Bobby Comics .

Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 296’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2020 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.