Dr Jason Nurse has contributed to an article on the Symantec blog advising CISO’s to think beyond pure tech when looking for more resources to improve security.
The article entitled ‘Advice for CISOs: Want More Resources? Think Beyond Pure Tech’ is written by journalist John Borland and offers a range of proposals that may help CISOs argue successfully for new resources, while also demonstrating that existing resources are being used effectively.
In the article Jason Nurse advises CISOs to think broadly, assessing the range of potential harms across areas such as corporate reputation, societal impacts, psychological influences, physical harms, as well as financial impacts.
Jason said ‘A lot of attention is placed on the financial impact, but realistically there are other types of impact that result from a cyber attack. Identifying these could help convince a board that security is important even beyond the financial perspective.’
The article concludes that simple scare tactics are unlikely to work, and even research as it stands currently does not provide unambiguous answers regarding exactly what does. However, training, continuous feedback, and sensitivity to employees’ different cultural contexts and responses all appear to be important factors.
Read the full article at: www.symantec.com/blogs/feature-stories/advice-cisos-want-more-resources-think-beyond-pure-tech