Posts

Showing posts with the label cybersecurity policy

Strategic Cybersecurity Thinking

Image
Strategic Cybersecurity Thinking The ability to come up with effective plans in line with an organization's objectives within a particular cybersecurity situation. Strategic thinking helps cybersecurity managers review policy issues, perform long term planning, set goals and determine priorities, and identify potential risks and opportunities. Clearly, there needs to be a clear strategy as to what needs  to be done with respect to security. Such a strategy should determine the policies and  procedures. However in practice rarely a strategy for security is created. Most emphasis  is placed on policies, implementation of which is generally relegated to the lowest levels.  Rather it is assumed that most people will follow the policy that is created.  A strategic cybersecurity programme does not begin with tools and tactics, but with an articulation of one or more programme goals. Sun Tzu once said in The Art of War: “If you know the enemy and know yourself, yo...

Cyber Security: Build a Culture of Prevention in Your Organisation

Image
Cyber Security:  Build a Culture of Prevention in Your Organisation Prashant Mali,  Cyber Security Policy & Law Expert - India “You cannot buy the revolution. You cannot make the revolution. You can only be the revolution. It is in your spirit, or it is nowhere.”  ―  Ursula K. Le Guin ,  The Dispossessed Today all organization’s need “Cyber Security Revolution”  i.e they need to bring in culture of cyber security within their organization.   A strong cyber security culture is both a mindset and mode of operation. One that’s integrated into day-to-day thinking and decision-making can make for a near-impenetrable operation. Conversely, a security culture that’s absent will facilitate uncertainty and, ultimately, lead to security incidents that you likely can’t afford to take on. This is also brings us to have Cyber Insurance as part of the organisations culture. What is a organizations cyber security culture? An organisatio...