Follow Laura Linkedin
Email Laura Email
Technology
Jun 29, 2022

The Importance of Creating a Cybersecurity Culture

Sponsored Content provided by Laura Rodgers - Business Development/Cybersecurity Compliance, North Carolina Military Business Center

Developing a secure AND compliant cybersecurity program is a daunting and complex task, and organizations often ask, “where should we start?”

After many years of working with quality management systems, I have come up with what I believe is the right answer to the question: start by developing a culture of cybersecurity.

Some of you may remember the time when the quality of products from Japan was very low. By the 1980s the quality of Japanese products far exceeded the quality of products from any other country – including the United States. Why? Japan listened to W. Edwards Deming and embedded quality into the culture of their organization. Quality became a value – not a department within an organization or something to be inspected into a product.

The same philosophy should be applied to cybersecurity. Below are a few tips for developing a cybersecurity culture:

  1. Tone at the top. Owners/leadership must understand and “buy in” to the importance of a secure and compliant cybersecurity program, then convey that buy in to their employees. Lip-service won’t work. You have to truly believe that implementing a cybersecurity program is the right thing to do and will provide benefits to the organization.
  2. Emphasize your commitment to cybersecurity by rewriting your organization’s vision and mission so they both include references to the importance of cybersecurity.
  3. Provide awareness and job-specific training. Just saying the organization needs a cybersecurity program isn’t enough. You must provide the tools employees need to be aware of cybersecurity threats as well as their responsibility for keeping the organization safe.
  4. Frequent communication is key. Changing an organization’s culture is disruptive, so employees need frequent reminders about what will change, and why. Employees need to be included in the culture change process.
  5. Make sure needed resources are available to implement the cybersecurity program. Developing a cybersecurity program is not cheap, but expecting a program to be developed without the necessary resources (people and money) available doesn’t show commitment to your cyber program. A line-item in the budget will do if you are currently strapped for cash.
  6. Manage the development of your cybersecurity program like you would any other project – establish a timeline, make status meetings a priority, and reward outstanding performance.

If you’re not sold on the value of a cybersecurity culture, keep in mind that a federal court denied, in part, a motion to dismiss a securities class action lawsuit against SolarWinds and members of its management team because the company claimed to have a culture of security when in fact they did not. The court found that employees were not aware of the password policy, had not received adequate cybersecurity training, and didn’t have an awareness of the company’s efforts regarding cybersecurity. 

Since creating a new company culture takes time, don’t wait – start developing a cybersecurity culture now!

Defense contractors in North Carolina that need help developing their cybersecurity programs should contact Laura Rodgers at rodgersl@ncmbc.us

Join The Discussion

Ico insights

INSIGHTS

SPONSORS' CONTENT
north-carolina-military-business-center bill-simons headshott

Federal Food Series Webinars Will Connect North Carolina Food Businesses with Government Buyers

Bill Simons - Regional Program Manager, Goldsboro, North Carolina Military Business Center
fayetteville-state-university sambit-bhattacharya-phd headshott

FSU students and faculty make strides towards advancement in applied AI in the Intelligent Systems Laboratory

Sambit Bhattacharya, Ph.D. - Professor of Computer Science and Director of the Intelligent Systems Lab, Fayetteville State University
cape-fear-valley-health daniel-mccullough-md headshott

Navigating weight loss: Insights from a bariatric surgeon

Daniel McCullough, MD - Metabolic and Bariatric Surgery Director, Cape Fear Valley Health
Ico insights

INSIGHTS

SPONSORS' CONTENT
north-carolina-military-business-center bill-simons headshott

Federal Food Series Webinars Will Connect North Carolina Food Businesses with Government Buyers

Bill Simons - Regional Program Manager, Goldsboro, North Carolina Military Business Center
fayetteville-state-university sambit-bhattacharya-phd headshott

FSU students and faculty make strides towards advancement in applied AI in the Intelligent Systems Laboratory

Sambit Bhattacharya, Ph.D. - Professor of Computer Science and Director of the Intelligent Systems Lab, Fayetteville State University
cape-fear-valley-health daniel-mccullough-md headshott

Navigating weight loss: Insights from a bariatric surgeon

Daniel McCullough, MD - Metabolic and Bariatric Surgery Director, Cape Fear Valley Health

In The Current Issue

Creating opportunities: The Defense Alliance Foundation seeks to strengthen the local defense innovation ecosystem

DAF Chairman Phil Williams (far left) pictured with City of Fayetteville Mayor Mitch Colvin (center) on June 10 following a presentation on a 25- year vision for the city’s continued growth and transformation. Photo provided by the DAF.The Defense Al


Empowering the mission: Linchpin Solutions provides tools to turn the tech of the future into the tools of today

Linchpin Solutions attends defense conferences throughout the year, using conferences and tradeshows to exhibit their services and connect with network professionals, including industry, military and government leaders to address and understand today


Lumberton is ready for takeoff: Lumberton Regional Airport embarks on major expansion to meet growing demand

Photo provided by Gary Lewis.The City of Lumberton is moving forward with a new terminal project at the Lumberton Regional Airport. It’s a collaborative effort involving several partners, including Cooper Tacia General Contractors, Talbert & Brig