Monday, June 27, 2022
CybersecFill
Advertisement
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
CybersecFill
No Result
View All Result
Home Blog

Building a Cybersecurity Culture In Nigeria

Hamzat Lateef by Hamzat Lateef
July 14, 2019
in Blog
1
cybersecurity culture in Nigeria
Share on FacebookShare on Twitter

Building a Cybersecurity Culture in Nigeria

In the pursuit of holistic protection to information critical to day-to-day running of businesses, most organizations in Nigeria are now pushing for cybersecurity training for the employees, this is a good move to meeting their goal. But the success of the training now greatly depends on the organization. It will be difficult for many of the employees to practice what they have learned during training if their organization did not have a cybersecurity culture, and it will also be difficult for the organization to measure the impact of the training and the improvement it has made on how employees threat cyber safety.

To keep the balance of the above concerns, the organization must be ready to build a cybersecurity culture.  Before we can go into building one, we must first know what a cybersecurity culture is and what defining features make them sustainable.

What is Cybersecurity Culture?

A cybersecurity culture in the workplace amounts to the promotion of safe cybersecurity practices that integrate seamlessly with people’s work. It is making employees aware of cybersecurity threats and making them amend their behaviour accordingly to mitigate potential threats.

What Defining Features Make Cybersecurity Culture Sustainable?

There are features that make cybersecurity culture sustainable.These includes:

  • Deliberate and Disruptive: The primary goal of a security culture is to foster change and better security, so it must be disruptive to the organization and deliberate with a set of actions to foster the change.
  • Engaging and Fun: Employees want to participate in an enjoyable cybersecurity culture and a challenge.
  • Rewarding: For employees to invest their time and effort, they need to understand what they will get in return.
  • Return on Investment: The reason anyone does security is to improve an offering and lower vulnerabilities; we must return a multiple of the effort invested.

It is important to note that a sustainable cybersecurity culture is not a once-a-year event but must be embedded in everything the employees does in an organization.

How to Build a Cybersecurity Culture.

Building a cybersecurity culture for an organization must be weaved through organizational procedures, practices and maintaining an active conversation among stakeholders (Employees, Management, and Security Team). There are steps to be taken in building a cybersecurity culture for an organizations;

Run Assessment

Assessing the current security status of the organization will pave the way to creating a sustainable cybersecurity culture as it will provide insight into addressing audit results, security and technologies priorities and any metric available to measure progress. Insight into recognizing practice that may heighten risks such as bring-your-own-device (BYOD) policies, use of organization devices, unencrypted communication (like IM and Emails), data storage on personal devices, nonstandard computer configuration, and use of software that isn’t vetted by the security team.

Outline Mission

One needs to outline the mission before working out any specific details. A clear definition of what constitutes success for security and technology come up at this stage. Make sure the mission is simple and can be easily verbalized.

Win Management Support

When executives support a cybersecurity culture, they allocate resources to it and prompt a regular discussion about the overall security of the organization. It is also clear that executives’ actions drive priorities for employees.

Win Employees Support

One must earn employees backing with departmental-level conversations (sighting cases, incidents and its impact on victims)  about the impact of cyber threats to ensure they comprehend the value of security and they are not tempted to boycott the process. It will also be good to explain to them how their compliance can help improve their personal and family security outside the workplace.

Define Roles and Expectations.

This is the stage where we will instill the notion that security is everybody’s business in the organization. Roles need to define and people need to be assigned to responsibilities. With a detailed plan, specifying roles, responsibilities for every department in the case of any security incident will help eliminate ambiguity from the organization’s cybersecurity culture.

Communication

Communicate all cybersecurity policies, guides and best practices to all stakeholders. And routinely educate employees on incidents and the resulting areas to improve. Onboarding program for new hire should be in place. Understanding phishing attacks, promoting better password management, backing up work, account access, authentication, sending personal/sensitive information, encryption/digital signing, policies and best practices are all things employees should be educated about if the organization wants them to make better choices in this regard. You can outsource this training if the resources in-house will not be enough.

Reward and Recognize

Engaging employees in routine tests in a fun way (you can make it in the form of a game played individually or as a team) and motivation for the early responder will encourage and help promote the growth of the organization’s cyberculture.  Look for opportunities to celebrate success. When someone goes through the mandatory security awareness program and completes it successfully, give them something substantial. Use public recognition to reward employees and affirm the value of proper cybersecurity. The other side of this is to create confidence that if a mistake happens, organization security experts will find solutions, offer support and skip the blame.

Conclusion

It is clear that if an organization trains its employees on Cybersecurity and such an organization does not have a cybersecurity culture in place, such training will not be effective. So it is my advice for all organizations be it private or public in Nigeria to take a step in improving the cybersecurity culture.

Tags: BingCyber EducationcyberintelligencecybersecurityCybersecurity CultureGoogleNigeriaYahoo
Hamzat Lateef

Hamzat Lateef

Next Post
Whatsapp and Telegarm hacking

Hackers can Manipulate Media Files via Whatsapp and Telegram

0 0 votes
Article Rating
Login
guest
guest
1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Kamilu Umar Boyi
Kamilu Umar Boyi
2 years ago

Very educative. Thank you

0
Reply
  • Trending
  • Comments
  • Latest
CEH_PRACTICAL

CEH PRACTICAL EXAM – TICKET TO CEH MASTER

February 6, 2021
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

August 3, 2019
Wifi 6 Security

Did Wi-Fi 6 come with an Improvement In Security?

May 13, 2019
credit card cloning

How Credit/Debit Cards are Cloned / Preventing Card Cloning

December 26, 2019
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

9
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

8
Cybersecurity Jobs

Cybersecurity Jobs – You can create your own Cybersecurity Role

4
open Source intelligence tools

Open Source Intelligence tools – OSINT

4
Suspected Head of Cybercrime Gang Arrested in Nigeria…

Suspected Head of Cybercrime Gang Arrested in Nigeria…

June 17, 2022
Types of Hackers and Hacking Protection Tips….

Types of Hackers and Hacking Protection Tips….

June 6, 2022
Types of Hackers and Hacking Protection Tips…

Types of Hackers and Hacking Protection Tips…

May 31, 2022
Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

May 19, 2022

Recommended

Suspected Head of Cybercrime Gang Arrested in Nigeria…

Suspected Head of Cybercrime Gang Arrested in Nigeria…

June 17, 2022
Types of Hackers and Hacking Protection Tips….

Types of Hackers and Hacking Protection Tips….

June 6, 2022
Types of Hackers and Hacking Protection Tips…

Types of Hackers and Hacking Protection Tips…

May 31, 2022
Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

May 19, 2022

© 2020 CybersecFill. All Rights Reserved.

No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us

© 2020 CybersecFill. All Rights Reserved.

wpDiscuz
1
0
Would love your thoughts, please comment.x
()
x
| Reply

Privacy Policy - Terms and Conditions