It’s hard for CEOs to manage the growing threat of cybersecurity across their businesses, especially considering more pressing company concerns. That’s why some forward-thinking business leaders are establishing frameworks for shared cybersecurity responsibility. In the article, Tamas Kadar, Founder and Chief Executive Officer at SEON, talks about the operational benefits of adopting this approach. Cybersecurity: Dealing With the New Normal The dramatic rise in cyberattacks following the Covid-19 pandemic has caught many businesses off-guard. Clearly, the cyber world has become a much riskier place since the pandemic. In fact, according to data sourced by ThoughtLab, cyberattacks increased by 300% over that period, leading to data breaches in around 20% of all businesses worldwide [1]. For CEOs, the growing threat demands a response, but for some corporate leaders, it can be difficult to figure out exactly how to best address the challenge. While doubts about the best course to take may linger, one thing that is for certain is the need for action. The aforementioned ThoughtLab report also highlighted that 93% of company networks are now penetrable by cybercriminals. This issue is being further compounded by uncertainty within the global economy. To this end, historic data suggests that economic downturns also accelerate rates of fraud and cybercrime. As such, the time for business leaders to act is now, but this action needn’t be handled entirely solo. What Is Shared Responsibility That’s because an increasing number of CEOs are choosing to adopt models of shared responsibility when looking to uphold cybersecurity protocols. This inventive model can be approached in several ways, depending on the nature of the business, and its specific cybersecurity concerns. For example, a CEO may choose to delineate some cybersecurity responsibility to their company’s IT division, or alternatively, may choose to establish a system where cybersecurity responsibilities are managed by individual departments. Similarly, CEOs may choose to hand off part of their business’ cybersecurity responsibilities to a dedicated expert in the field, such as a major cybersecurity firm, or an online fraud prevention company. Regardless of the specific approach, the general aim of the model is to shift responsibility away from one person, and thus, a single point of potential failure. In turn, by spreading this responsibility among team members, or to outsourced staff, the process of managing cybersecurity becomes naturally replete with more checks and balances. What Are the Benefits? The logic driving the shared responsibility model is relatively straightforward. Naturally, people care more about aspects of work they feel ownership over. So, by spreading the load, staff are simply forced to care more about cybersecurity issues than they would if the issue was solely being dealt with by somebody else. Moreover, by involving more people in the process, businesses can create internal working cultures, which place a greater emphasis on the importance of upholding effective cybersecurity practices. As a CEO, you still have complete visibility over the process, but by sharing responsibility, you’re able to partially remove one task off your plate which can then help to provide the needed space to work on other important business matters. In doing so, CEOs can prioritize tasks that are more suited to their skill sets. What’s more, should business leaders choose to adopt a shared responsibility model, which includes input from an external cybersecurity business, or from their own internal IT division, then they’re often delegating responsibility to individuals more knowledgeable than them on this subject. What Are Some Key Tips? The appeal of the shared responsibility model for cybersecurity is obvious, especially for CEOs, or businesses without explicit cybersecurity expertise. However, business leaders in this position must remember that achieving shared responsibility is a process, and not something that can be guaranteed overnight. Similarly, it’s an approach, which necessitates consistent work across a business, as well as effective oversight to ensure protocols are being implemented in the manner needed to generate satisfactory results. Above anything. however, shared responsibility is a model of management that requires clear and effective communication. For one, staff must have clarity on the specific cybersecurity responsibilities placed on them or their department. Likewise, clear goals and targets need to be established and worked towards as a way of tracking progress. Finally, it’s essential that those with new responsibilities are given the confidence, as well as a suitable forum to raise any cybersecurity concerns or issues they may have. Shared Responsibility: A Problem Halved At SEON, we recently released a report, which highlighted how economic downturns impact fraud rates. The report found that ongoing market instability is increasing the threat of cyberattacks and online fraud across all sectors [2]. As such, CEOs and business owners now need to re-emphasize the importance of cybersecurity management. Thankfully, the shared responsibility model of cybersecurity management offers a great solution to this challenge. Hopefully, by following the tips mentioned in this article, businesses can implement the system and ensure maximum success. [1] - https://thoughtlabgroup.com/wp-content/uploads/2021/12/General_Cybersecurity-Solutions-Research-and-Project-Plan-09.15.2021.pdf [2] - https://seon.io/resources/global-recession-fraud/ Photo by Siarhei Horbach on Unsplash Also published here
