Business.com Feature: Where does IT fit in the cybersecurity puzzle?

Having an effective cybersecurity posture requires vision and support from business leaders and often builds out of the natural relationship that runs between cybersecurity and technology. We discuss the topic in our recent article on Business.com. We’ve included an introduction and summary below, but be sure to read the full article here.

 

Anyone who has worked for a large, enterprise organization will know that cybersecurity is no small matter: they often have dedicated teams with a critical focus on managing all components of cybersecurity, risk, and compliance. Smaller businesses don’t have the same luxury; it’s nearly impossible for them to assign one person to managing their cybersecurity, let alone a whole team. And that means that the responsibilities of cybersecurity fall to existing team members and often to IT resources.

Many components of cybersecurity, including policies, procedures, employee training, and culture are a natural fit with existing business management functions. But your IT team is an indispensable asset to building and maintaining a strong cybersecurity program.

Your IT likely already has baseline cybersecurity measures like antivirus software and a firewall in place for your business – in fact, more than three quarters of small businesses use one or both of these technologies. With today’s attacks on the rise and often circumventing traditional defenses, cybersecurity is about much more than antivirus and firewalls. Giving IT the resources, authority, and guidance to pursue additional cybersecurity initiatives is a crucial step to take in protecting your business.

For example, here are just a few areas where IT often steps in to provide input, expertise, and execution:

  • Vulnerability scanning

  • Third-party Penetration Testing

  • Phishing simulations

  • Employee training

  • Ongoing program management

 

Every business is different, and in the end, it will be up to you and your IT team to determine who drives which initiatives. The important first step is to start the conversation and to give your IT department the go-ahead – and encouragement – to bring your cybersecurity program to the next level.

 

Read the full article on Business.com.