By Dana Mitchell, Director, Cybersecurity Solutions Group, Microsoft Canada
Digital transformation, cloud computing and a sophisticated threat landscape are forcing everyone to rethink the roles that each individual within an organization has in defending against cyber threats. With billions of people around the globe working from home, changes to the daily practice of cybersecurity are accelerating and shifting from defending a traditional network perimeter to strategies of protecting users, data and business assets where they are. This transformation raises questions about what people’s roles and responsibilities will look like in this new world. It is important to understand the impact security has on each role and the areas of cybersecurity knowledge that are important to them. It cannot be overstated that cybersecurity needs to become as fundamental to the overall health of the business as financial and operational controls currently are.
There are several roles within an organization where employees are more vulnerable due to the nature of the information they handle and process, such as finance, HR, sales and marketing.
Finance: Finance holds confidential financial information and has a greater need for training and processes for proper information protection, inclusive of sharing, handling and storing.
With the average cost of a data breach sitting at $3.92M in 2019, it is not hard to see why cybersecurity is of critical importance to an organization’s chief financial officer (CFO) and finance team. CFOs need to forecast for investments in security and, to do so, need to understand legacy systems and security vulnerabilities from the technical department. Microsoft data shows that 58 per cent of leaders are looking to increase security budgets, so ensuring that finance teams can prioritize safeguarding and future-proofing of an organization should be a priority. Security breaches are no longer owned by just the CIO; more often, the CFO is the one assessing the impact of the breach and its overall cost to the organization.
Human Resources: HR plays two important roles, both as an employee and as a stakeholder. As a stakeholder, HR departments need to be concerned about potential insider risk with the types of data and information handled by their team. Insider threat can be preceded by a negative work event, such as termination, demotion or dispute with a supervisor, meaning HR plays an important role in understanding potential individual insider risks to the organization. It’s also important to consider that it’s not just about daily roles: when an employee leaves, their organization’s confidential information should not.
As employees, HR staff are frequently targeted for attacks by threat actors due to the volume of external resumes and documents they have access to. The handling of these documents, and of links within them, provides a great opportunity for bad actors to hide malicious capabilities and phishing attacks, increasing the vulnerability of those who are not aware of and educated on cyber threats.
Sales and Marketing: Customers look to trusted organizations to do business with, and now more than ever before, an understanding of the organization’s security practices, data handling and identity protection is required information. Security breaches can have a long-lasting effect on an organization’s brand and frequently result in a loss of customers and revenue. Sales and marketing leaders require both a deeper understanding of their organization’s security practices and the important role communication procedures play in case of a breach.
As mentioned, insider risk is a significant threat, and because salespeople and marketers often have insider knowledge about products and road maps, theirs are highly vulnerable roles. The chief revenue officer (CRO) must prioritize educating their teams, in partnership with HR and the security team.
Supply Chain: As outlined in the 2020 Digital Defense Report, Microsoft has observed an uptick in supply chain attacks between July 2019 and March 2020, inclusive of attacks targeting IT service providers to get a foothold in their customers’ systems. This disruption to a company’s supply chain can negatively impact its ability to meet customers’ timelines for receiving goods and services. Throughout the supply chain, hackers look for weaknesses in hardware, people, processes and vendors that they can exploit. For supply chain leaders, it is important to have a deeper understanding of the various technology components their business encounters as well as the practices of their suppliers.
As cybersecurity becomes fundamental to the overall health of every organization, each employee has an important part to play, powered by knowledge, training and, of course, IT and security infrastructure.
CISOs in 2021 have more challenges than ever, with increased breaches and ransomware attacks, and the move to remote work presenting greater risk to companies and greater opportunities for threat actors. Creating a cybersecurity culture can be one of the most important steps an organization takes to secure against these challenges.
Learn more about the steps you can take to strengthen the knowledge of cybersecurity within your organization, and further explore each role’s impact on your business and the practices you can implement.