Depending on the level of exposure, people may generally think of Cyber Security as people stealing identity details, bank account details and funds, or taking over websites. You know, the person sitting at a computer desk in a hoodie and dark glasses. But there is an entire other side to Cyber Security: the measures put in place to protect people, information and businesses.
The Technical Side of Things
Most people in the ICT space live and breathe securing ICT systems and equipment. The workforce sees this through guidelines of acceptable use (what you can and can’t do), physical areas with restricted access, and account management such as usernames, passwords and permissions. Behind the scenes, ICT networks and systems are designed based on cyber security best practices, automated system monitoring is put in place to advise of any actual or potential threats, and software standards are placed on PCs, laptops and devices to reduce the risk of an attack.
The Compliance Side of Things
The Compliance Beasties: rules, principles, regulations and legislation.
These are the items that must be done otherwise there could be trouble with the regulators; trouble that involves restrictions placed on operations, or paying fines. But hey, these protect the customer, the workforce and the business. And some people love working in this area – there’s a job for everyone! After all, the majority of compliance requirements can be traced back to best practices which are probably already well known and already in place. The ones which aren’t so well known can be achieved by research and advice from subject matter experts.
The People Side of Things
For a lot of businesses, ICT and Compliance may not be at the forefront of primary functions, goals or objectives. ICT is there to make things easier and should just do its job right? Compliance is a bunch of rules that will be addressed at some stage time permitting or by a mandated deadline. Businesses that recognise the importance and relevance of ICT and Compliance are admirable. Add another layer to this is the importance placed (real importance like endorsement and backing, and allocating actual assigned resources) on training and awareness, and change management (that’s Organisational Change IT people).
Bringing the workforce on the Change Management journey encourages early engagement, sense of inclusion and sets the stage for training and awareness. If a business can educate and empower its workforce to be aware of cyber security best practices in addition to their business-as-usual activities, and increase the levels of success to retain knowledge on a topic generally seen as complicated, imagine the added level of resilience this contributes to day-to-day operations and the business as a whole. Actually, it not only strengthens a business, it also assists the workforce to put into place good cyber security practices in their personal lives and activities.
The Chamonix Side of Things
There are many arms to consider to establish good Cyber Security. Chamonix’s arm of consulting can help businesses and organisations with services such as Project Management, Business Analysis, Change Management, and Subject Matter Experts specialising in information and cyber security, architecture, and compliance. These services can also leverage the Managed Services arm who actively practice information and cyber security best practices, rules and principles, and who implement and support innovative and current technology services.