There is universal acceptance of the need to be cyber threat resilient—anticipating, preparing for and responding to events and adapting these efforts to continuously changing threat profiles. Creating the security-minded organizational culture needed to achieve resilience remains elusive. One challenge is that the human elements of commitment, collaboration and education are often overlooked. If your cyber risk management efforts remove key human elements from the “machine,” you might accomplish compliance but not resilience.
Kurt Lewin, the father of modern social psychology, put it best: “If you want truly to understand something, try to change it!” Below are three key “resilience killers” from lessons learned over years of working to change organizational mindsets to establish resilience. These are behaviors you should strive to avoid when maturing your cybersecurity capabilities.
- Lack of commitment. Many organizations address resilience as a stand-alone goal, compartmentalizing cyber resilience as a network management priority and moving it down the list past revenue and profitability, growth and acquisition, cost control and talent strategy. Leadership needs to recognize that cyber resilience is an underlying element that supports all business priorities. Technology solutions need to connect to the people, processes and protocols that drive business. The impacts of a cyber event are not siloed in one area of the company. Direct costs (forensics, legal fees, compensation for personal data compromise, theft of financial assets), operational costs (systems and service delivery disruptions) and cost of decreased customer confidence all result in lost time, productivity, revenue and possibly executive jobs across lines of business.
- Static risk management. Intending to manage risk proactively is of little use if your organization cannot let go of “our way” or “the way it’s always been done.” Being dynamic requires agility – the willingness to change quickly and efficiently to meet emerging threats and think differently about your risk environment and security profile. Companies become static when they define strategies based solely on subjectively measured risks coming from independent operating units and fail to incorporate how the executive team looks at overall risk. Executive risk assessment of core functions should be paired with traditional business impact analysis at the process level, putting the greatest focus on the areas deemed the highest risk by senior leaders. This top-down approach creates an opportunity for IT to educate the business on how the application of technology addresses risk and enlightens IT leaders on when to tighten/loosen specific recovery objectives to satisfy business requirements…[…] Read more »….
ROLE DESCRIPTION
We are looking for a Membership Manager to join the company and take on one of the most opportunistic roles the industry has to offer. This is a role that allows for you to create and develop relationships with leading solution providers in the enterprise technology space. Through extensive research and conversation you will learn the goals and priorities of IT & IT Security Executives and collaborate with companies that have the solutions they are looking for. This role requires professionalism, drive, desire to learn, enthusiasm, energy and positivity.
Role Requirements:
Role Responsibilities:
Apex offers our team:
Entry level salary with competitive Commission & Bonus opportunities
Apex offers the ability to make a strong impact on our products and growing portfolio.
Three months of hands on training and commitment to teach you the industry and develop invaluable sales and relationship skills.
Opportunity to grow into leadership role and build a team
Extra vacation day for your birthday when it falls on a weekday
All major American holidays off
10 paid vacation days after training period
5 paid sick days
Apply Now >>