Ep. 18 Ken Gilmour | Creating an Effective Cybersecurity Strategy
In this episode of the Cybrary Podcast, we sit down with Ken Gilmour, the CEO of Knogin. Speaking with Thomas Horlacher, the Head of Creative Services, and Mike Gruen, the VP of Engineering at Cybrary, we discuss the importance of having a sustainable and long term cybersecurity strategy for your company. We also touch on breaches and what that can do to the image of a company.
Share it with friends now!
In this podcast episode, Ken (CEO of Knogin), Mike (VP of Engineering, Cybrary), and Thomas (Head of Creative Services, Cybrary) discuss the important aspects that any business should consider when creating or implementing a cybersecurity strategy in the workplace. They share their experiences and perspectives on the matter, as well as the main factors that influence an effective cybersecurity strategy, such as how imperative it is for businesses to protect data and information about the company, clients, partners, and/or other stakeholders.
Cybercriminals are known to be persistent when attempting to gather information from a targeted company, which is why businesses are responsible for implementing proper cybersecurity systems and policies in order to protect all the data that is collected by them. This is why companies should determine what data or information is relevant to them in order to create a cost-effective cybersecurity strategy whereby sufficient resources can be properly allocated, because the more data a company collects, the more resources it takes to protect those data. A common activity is performing frequent patching in systems and infrastructures as cybercriminals continue to seek and exploit potential vulnerabilities that may exist in a system.
Another critical aspect when creating an effective cybersecurity strategy is delivering awareness and training to all employees in every department. A successful cybersecurity strategy enables unified processes to be established to help every individual in different departments to know what needs to be done in the event of a security incident that may be encountered in their respective day-to-day operations. Every individual not only needs to understand the basic security terminologies, e.g. phishing, ransomware, but they also need to understand the risks and impact to the business should any of the data or systems be compromised. This is why it is important to determine the responsibilities of a specific job role and the access privileges of these roles. As a business grows or reaches a certain level of maturity, it may be expected for some roles to change over time and for other strategies that were once put on hold to be enforced.