The next frontier of cyber governance: Achieving resilience in the wake of NotPetya
It should be clear by now that cybersecurity is no longer just an IT issue. We aren’t facing a breakdown in technology; what we are seeing is a failure to put the right people, processes, and policies in place to minimize internal vulnerabilities to cyber attacks. Most perimeter defense and network disruption detection technologies do their job effectively, but that does not protect organizations from vulnerabilities associated with human error and lack of adequate training. Effective cybersecurity must involve the entire organization and be engrained in the cultural in all corners of an organization. Engaging and training the greater workforce, not just the IT department, is critical in supporting CISOs and mitigating cyber risk.