The Entire Organization is Responsible for Cybersecurity

it security wire

The data indicates that there is a disconnect between decision-makers and cybersecurity teams. There needs to be consistent communication, whereas, at the moment, over 40% of cybersecurity leaders only report to the board when a breach has happened. At that point, it is too late,” says Andrew Hollister, Deputy CSO and VP, LogRhythm, in an exclusive interview with ITSecurityWire.


ITSW Bureau: Should security awareness or initiatives start from the top and percolate? Or do you think awareness at lower levels is more effective in meeting security objectives? 

Andrew Hollister: Cybersecurity must start with the C-suite and percolate throughout the entire company. Without that clear executive-level sponsorship, cybersecurity initiatives are unlikely to gain traction in effecting real change.

Cybersecurity is not just an IT risk but a business risk. It is critical that the entire organization, especially decision-makers, understand threats and what needs to be done to combat them.

Comments are closed.