Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity News

Protecting operations and data against cyberattacks

By Robert Nawy
cyber-data-freepik1170x658x82.jpg
October 31, 2022

Organizations today are recognizing that within their infrastructures, where precious data is contained, they are viewed as a target and have become increasingly more attractive to cybercriminals. Should bad actors gain access to sensitive personal data, the results can be operationally catastrophic to a business.


No company is immune to a cyberattack, and the criminals behind them have only gotten more advanced and sophisticated in their strategies. All organizations must understand their data is at risk and follow appropriate measures to ensure its protection — including proactively taking steps to prepare for an incident.


The Necessity of Communication and Training

According to the IBM Cyber Security Intelligence Index Report, 95% of cybersecurity breaches are primarily caused by human error. Unfortunately, inconsistent staff training and limited resources have resulted in organizations becoming prime targets of cyberattacks, causing them to be taken advantage of by those who seek to destroy or profit off of their sensitive data. Human error is often an organization’s greatest vulnerability, and it can lead to dangerous exposure for the public sector and private organizations. Sadly, one of the most common methods of compromise remains reused passwords that get exposed through data leaks and login information that are obtained through social engineering.


The good news is that these potential security weaknesses can be addressed easily through education and company password change policies. It is the responsibility of all organizations to properly train their staff on the fundamentals of good password hygiene, and the methods of social engineering hackers most commonly use. While there may already be some measure of cybersecurity within an organization, all should periodically be reassessed and updated as the risk of state-based attacks is increasing, as are the associated costs of a compromise.


From the internal workings of an organization, one of the first ways to begin security initiatives is to understand the goals of both information technology (IT) teams and company executives so that key departments stay connected and in constant communication. There must be clear security goals within both, and the plan of implementation should be enforced by top leadership and other C-level members. The creation and fulfillment of effective security programs allow for employees at multiple levels to embed the desire to protect their assets early on before an attack occurs.


This can be achieved through regular training sessions prioritizing cyber awareness and promoting new ways for employees to help prevent, detect, and address digital threats. Training all employees, privileged users, administrators, and executives may vary in depth depending on access privileges. Personalization and larger-scale training within the organization ensure that employees at all levels are exposed to new protocols.


The key first steps include distinguishing specific types of social engineering cyber-attacks such as phishing and more targeted potential malware behavior. Once this is learned, reporting security threats along with the protocol that follows must be reinforced as a priority until it becomes second nature to all. Education in this form helps drive efficiency and avoid the chaos that could ripple through the workforce should they not be prepared when an attack occurs.

 

Cultivating Protection as a Culture 

While many organizations discuss and plan to implement cybersecurity within their organizations, gaps are far too common. For cybersecurity to be truly effective, it must become incorporated into organizations’ values, forming its presence in the overall culture.


Communication is the first step in bridging this gap, including transparency, and normalizing discussions of challenges, errors, or misconceptions without the fear of judgment. With an open communication line and clear objectives from top leadership, there can be more opportunities for learning and essential operation employees to grow.


Secondly, once employees are properly trained, they can perform security duties and form healthy habits toward data protection. These initiatives can create and nurture a culture of cybersecurity that allows for the personal growth of every member of an organization toward secure operational behaviors.


Technology may be the foundation of cybersecurity, yet it can only function at its height if the members of an organization tap into their own potential of human intelligence and awareness. Empowerment via tools to assess potential data risks allows them to grow as professionals and protect the operational functions of their organization.


This focus on building foundational security measures takes power away from cybercriminals that are so accustomed to the manipulation of many for their own potential gain and puts it back into the professionals of today.

KEYWORDS: cyber security data protection information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Robert Nawy is CEO of IPKeys Cyber Partners, provider of OT/IT intelligence platform that addresses cybersecurity, data, and critical infrastructure protection challenges. Nawy is a founding member and on the Board of Directors of the Advanced Energy Management Alliance (AEMA) and is an active Board Member of the Open Automated Demand Response (OpenADR) Alliance.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • water storage unit over river

    Water storage is under cyber threat

    See More
  • electric-vehicle-freepik1170.jpg

    Electric vehicles are taking over. Hackers are waiting

    See More
  • Doorway to Cybersecurity

    NY Gov. Cuomo Signs Legislation Protecting New Yorkers Against Data Security Breaches

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing