• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » The Critical Human Element in Cybersecurity Strategy

Think Tank
Think Tank RSS FeedRSS

The Critical Human Element in Cybersecurity Strategy

The Critical Human Element in Cybersecurity Strategy
May 21, 2019
Eduardo Campos, SCB Contributor

The complexity of cybersecurity has grown exponentially as the number of interconnectable digital devices has risen. Because interdependent computer infrastructures support almost every organization today, protecting digital data has become crucial.

Thirty-seven percent of CEOs surveyed say significant risk lies within the extended business and key enterprise partners. And preventive measures alone aren’t sufficient anymore. The new environment demands vigilant monitoring and creative innovation. It requires all-stakeholder participation.

The human element is key. How well you vet, train and equip employees will make or break your cybersecurity system, your reputation with customers and partners, and perhaps even your business itself.

While 89 percent of the C-suite believes employees will responsibly safeguard information, 22 percent say their employees are unaware of offsite data policies. Devices most at risk are company cell phones (50 percent), company laptops (45 percent), and USB storage devices (41 percent).

In its report on 2018 Views From the C-Suite, A.T. Kearney found that 85 percent of companies experienced security breaches in the last year. Only 40 percent designed and implemented cybersecurity strategies in response.

In addition to focusing on employees, it’s important to bring the entire supply chain on board. Corporate leaders cite four top tactics to ensure viable cybersecurity:

  • Comprehensive information security measures,
  • Hiring highly skilled IT professionals,
  • Cybersecurity behavior analytics, and
  • Employee training programs.

The new paradigm for cybersecurity is involve, convince, educate, convert, and reward. End users are often unfairly stereotyped as uncooperative, control averse, and unwilling to change behavior. At the same time, they are the weakest link in cybersecurity. Even deep technical experts can be as vulnerable as less-trained and prepared regular users.

A real-life example: Years ago, as the CISO of a wireless operator in South America, I was tasked with reducing the rising number of data leaks. A senior executive recommended heavy-handed enforcement of security policies. End-users, he said, had been noncommittal about security, and unresponsive to campaigns to improve internal controls.

I decided to take a contrarian stance. Experience had convinced me that to craft viable solutions, we had to engage all stakeholders — each individual impacted by policies, technologies, and decisions — not just those sitting in boardrooms.

Instead of punishing end-users and focusing solely on enforcing controls, we convened a series of meetings with employees to share best practices, determine their pain points, and give step-by-step guidance on how to properly employ security tools.

It turned out that many security policies were outdated due to a series of mergers. Moreover, users were dealing with a cumbersome 30-day password expiration practice by writing their access codes on Post-It notes. Ill-intentioned people thereby had been gaining unauthorized access. 

Based on feedback from employees, we updated policies and rewrote procedures and standards so that they were relevant and clear. Scorecards were used to track progress, and a reward system instituted. Data leaks dropped, and a feedback loop was established between users and the security department to keep the program relevant. End users were brought into the process, with educational loops to spot potential problems.

The experience reconfirmed that a design process that is stakeholder- and human-centered, relying on involving, educating, converting, and rewarding instead of punishing, produces the most comprehensive and sustainable cybersecurity solutions.

J. Eduardo Campos heads the consulting firm of Embedded-Knowledge Inc.

Supply Chain Security & Risk Mgmt

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • DOCUMENTS BEARING THE INSIGNIA OF US CUSTOMS AND BORDER PROTECTION LIE ON A TABLE

    New CBP Regs Call for Greater Diligence by Brokers in Reporting Security Breaches

    Freight Forwarding/Customs Brokerage
  • A WORKER IN A WAREHOUSE, SUPERIMPOSED WITH GRAPHICS SHOWING SUPPLY NETWORK

    Enabling Intelligent Visibility With Supply Chain Analytics

    Data Management (Big Data/IoT/Blockchain)
  • A GROUP OF WORKERS RANGED IN AN OFFICE, OF DIVERSE RACE, GENDER, AGE AND PHYSICAL ABILITY

    Podcast | The Supply Chain Workforce of the Future Is Already Here

    HR & Labor Management
  • A HAND TURNS A LARGE, LIGHTED DIAL WITH THE WORD RISK ON IT iStock-NicoElNino-1364371014.jpg

    Measuring KPIs and KRIs for Comprehensive Supplier Performance Management

    Technology
  • INSIDE A WAREHOUSE, TWO HANDS HOLD A TABLET COMPUTER SHOWING A MAP OF THE WORLD

    Five Ways to Increase Supply Chain Visibility

    Data Management (Big Data/IoT/Blockchain)

Digital Edition

Scb nov 2022 sm

2022 Supply Chain Innovator of the Year

VIEW THE LATEST ISSUE

Case Studies

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

  • Expanding Apparel Brand Scales Seamlessly with E-Commerce Technology

  • How a Global LSP Scaled its Security Program and Won More Business

Visit Our Sponsors

Orderful Yang Ming Alithya
Barcoding Blue Yonder BNSF Logistics
CoEnterprise Data Capture Deposco
E2open GAINSystems Generix
Geodis GEP GreyOrange
Here Honeywell Intelligrated IFM
Infor Inmar Keelvar
Kinaxis Korber Lean Solutions Group 2H
Liberty SBF Locus Robotics Logility
LogistiVIEW Lucas Systems MCA Connect
MPO Nvidia Old Dominion
OpenText ORTEC Overhaul
Parsyl PMMI QIMA
Redwood Logistics Ryder E-commerce by Whiplash Saddle Creek Logistics
Schneider Dedicated Setlog Holding AG Ship4WD
Shipwell Tecsys TGW Systems
Thomson Reuters Tive Trailer Bridge
Vecna Robotics Verity
Verusen
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing