Cybersecurity Practices

by Billy Bennett on December 2, 2016 in Business Intelligence, Cybersecurity, Security and Compliance, Services & Outsourcing, Technology, Web Content Management


One section of the SIM survey discussed cybersecurity practices within the survey takers' organizations. Of the SIM members that took the survey, 45.82% of the organizations had a Chief Information Security Officer (CISO) or equivalent position on board. This position considers how information security affects legal requirements, and so takes accountability for the organization's compliance with both internal and external policies and procedures. The CISO is also commonly involved in implementing vulnerability analysis, infiltration tests, and web-based application software assessments. In addition to these duties, the CISO works as the middle man between the departments within the organization, and between the organization and its third-party vendors where cybersecurity is involved. Needless to say, the CISO has an ever-changing job description, in keeping with the ever-changing world of information technology.

According to, “The U.S. Department of Homeland Security (DHS) states that 90 percent of security incidents result from exploits against defects in software.” Which brings us to our next topic. 79.27% of organizations declared that cybersecurity was taken into consideration during software development. This is a critical business process to take into consideration, because even if the organization has a solid network security infrastructure, the software can still be attacked at the application layer, putting sensitive information and data at risk of exploitation.

As IT grows and changes within an organization, the security methods that protect it must grow and change too, to maintain the integrity of the organization's information systems. 78.98% of organizations said that cybersecurity was taken into consideration during IT change management. As new applications, network infrastructure, and end-user devices are added to your organization's repertoire, new security measures must be taken to secure these assets. IT is hardly cheap, and in many modern organizations it is implemented on a large scale. Any organization financially supporting IT enhancement should want to take cybersecurity into consideration to protect this investment and the information held within it.

It is difficult to protect your organization from cyber-attacks if your supply chain is not protected. This is why 53.58% of organizations involved in the SIM survey stated that cybersecurity was taken into consideration with procurement. A lot of this can be prevented by individuals taking the appropriate steps to protect their individual accounts, such as reporting suspicious emails, not clicking on links from unknown sources, and so on. The organization should strive to stay current in its knowledge of IT security measures, and to include cybersecurity procedures and policies in its evaluations and employee training.

Protecting your organization's data will help ensure that your organization doesn't fall victim to significant financial losses, reputation or brand compromise, property theft, lawsuits, and the loss of customers and future revenue. As information technology extends its reach across modern industry, it's becoming increasingly relevant to include cybersecurity in your organization's business strategy. According to the SIM survey, 49.05% of the organizations represented are taking cybersecurity into consideration with their business strategies now. This number is likely to rise as more and more organizations are welcomed into the global e-commerce market.

Cybersecurity is quickly weaving itself into our everyday lives, whether personal or business. Organizations large and small are increasing their presence in the digital realm, making their sensitive information more vulnerable to unauthorized access and extortion. This is why the roles of CISO, CIO, and CTO exist. They are put into place to monitor the organization's information system infrastructure and its compliance with regulations, and to run risk analysis on the information system to ensure the company's security measures are sufficient to withstand cyber-attacks and to protect the organization's brand, finances, property, and integrity.