Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementCybersecurity Education & TrainingSecurity Leadership and ManagementLogical SecuritySecurity & Business Resilience

Cybersecurity Education & Training

Embracing a company culture of cybersecurity starts at the top

By Andrew Shikiar
executive stands in front of skyscraper

Image via Unsplash

September 4, 2023

As growing threats pose significant risks to a company's private information, intellectual property, financial assets and reputation, cybersecurity is a crucial aspect of any organization's operations.

Updating an organization’s cybersecurity strategy must start in the C-suite to ensure its effective integration into an overall business plan. By prioritizing cybersecurity at the highest level of leadership, companies can proactively address and assess security risks, allocate adequate resources, and develop a culture of security throughout the organization to foster a holistic, proactive approach to cybersecurity management.

The current environment

The state of corporate cybersecurity today is characterized by heightened awareness in the face of persistent business challenges and growing economic pressures. In recent years, the frequency of security breaches has elevated cybersecurity as a business imperative. Today, it is one that can no longer be ignored. Yet, despite increased accountability and investments, many organizations do not feel confident that their current systems effectively protect both individual employees and the enterprise on the whole.

As demonstrated by a string of high-profile breaches, passwords and legacy forms of multifactor authentication (MFA) continue to be the root cause of security issues for organizations. According to Verizon’s 2023 Data Breach Investigations Report, the primary attack vectors for breaches consist of stolen credentials and phishing — with 74% of all breaches involving the human element, with people being involved either via error, privilege misuse, use of stolen credentials or social engineering.

Since the early 1960s, passwords have been the primary method of authentication for consumers and enterprises alike; their ubiquity has proven them to be extremely difficult to replace. Passwords represent a fundamentally flawed first factor for authentication — resulting in weak security and poor user experience, which directly and indirectly impact the bottom line.

Enforcing complex password requirements is exhausting users, leading to password fatigue — a phenomenon where individuals resort to reusing the same passwords across accounts due to the stress caused by the need to remember an excessive number of passwords users are required to maintain for their various accounts. Password-related issues, such as forgotten passwords, account lockouts, resets or the need to regularly change passwords, are all significant inhibitors of employee productivity and cause frustration for employees.

To prevent these types of attacks, many corporate IT teams regularly conduct cybersecurity training or run mock phishing campaigns to test the cybersecurity acumen of their employees. Often, these trainings are glossed over or met with contempt. These tests have been proven to be ineffective in materially improving cybersecurity outcomes; alternatively, they lead to mistrust of an organization’s IT teams — whose purpose is to protect data and systems. Organizations cannot rely on or expect their employees to be the first line of defense against cyberattacks. Instead, they must implement modern systems that shift responsibility off the individual to the technology that is literally at their fingertips — thereby both strengthening defenses and freeing employees of cyber burdens.

Modern systems embrace security by design

The imperative for replacing passwords with stronger, simpler authentication has never been greater — and finally, organizations are hearing the call for change. According to Gartner, by 2025, more than 50% of the workforce will be passwordless. This shift may have monetary benefits to organizations — according to Forrester, the typical cost per password reset is $70, a figure that can grow exponentially within larger organizations.

Further, modern approaches to authentication save time and reduce the burden on IT support teams, freeing them up to focus on more critical initiatives, such as system automation and data management. By providing a frictionless user experience, employees can navigate systems and applications effortlessly, leading to increased satisfaction and overall productivity in the workplace. By default, passwordless authentication fosters a culture of security — the easiest option for users is also the most secure — giving employees the best of both worlds.

Cyber awareness must start at the top

Now that the passwordless movement is being embraced by security professionals and IT teams, C-suite leaders are in a position to ensure their organizations have the resources and support to make the transition to passwordless possible. IT teams are often seen as the ones who must bear the responsibility of cybersecurity — however, as a top business imperative, C-suite leaders are positioned to drive a culture of cybersecurity, setting the tone from the top down to establish a corporate ethos of security throughout the organization.

Companies that foster collaboration between the C-suite, IT teams and stakeholders create an environment of open communication, information-sharing and cross-functional teams that leads to a stronger security posture. However, it doesn’t stop there. As the cyber landscape is ever-changing, boardrooms need to continually assess and evaluate the effectiveness of their cybersecurity strategy.

Ultimately, elevating cybersecurity into the C-suite demonstrates a commitment to protecting valuable assets, maintaining customer trust and safeguarding the long-term success and sustainability of the organization. Despite ongoing challenges, the growing recognition of cybersecurity’s criticality and the concerted efforts being made by organizations hold promise for a more resilient and secure future.

KEYWORDS: Chief Information Security Officer (CISO) cyber security data breach password passwordless

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Andrew Shikiar is Executive Director at FIDO Alliance.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Security professionals

    Building a cohesive security program starts at the top

    See More
  • security awareness freepik

    Building a culture of cybersecurity: 3 key takeaways from the 2021 SANS report

    See More
  • cyber 3 responsive default

    Closing the cyber skills gap requires a culture of continuous learning

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

See More Products

Events

View AllSubmit An Event
  • September 25, 2024

    How to Incorporate Security Into Your Company Culture

    ON DEMAND: From this webinar, you will learn how to promote collaboration between IT and physical security teams to streamline corporate security initiatives.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing