With cyber criminals continuously changing their tactics to breach systems and access sensitive data, an expert at Secureworks, a global leader in cybersecurity, says improving the security culture within organisations plays a critical role in mitigating some breaches and in bolstering disaster recovery efforts during a cyberattack.
Security culture, which tends to be defined as the norms, beliefs and values inherent in an organisation's day-to-day operations, includes the security knowledge, attitudes and behaviours of its staff. It covers all aspects of security, including cyber security, information security, physical security, personnel security and organisational elements like policies, procedures and governance.
"Typical internal culture mistakes include a punitive workplace and a lack of personal buy-in as well as thinking of cybersecurity as someone else's problem," says Alex Tilley, Head of Threat Intelligence, Asia Pacific and Japan for Secureworks.
"If an organisation has a blame culture, whereby employees are reprimanded or punished for unwittingly playing a role in a cyber breach, then this is likely to put the organisation at further risk as other employees may be too scared to speak up or cover up their mistakes, resulting in massive losses due to a data breach," he says.
"Cyber criminals are becoming innovative in how they breach systems and access data and they are using human error to do so," says Tilley.
"If an employee realises they may have clicked on a risky link that later appeared to be unusual or they believe they have made a mistake, they may not be willing to report this due to a fear of being fired," he says.
"If such a breach does occur and the security culture is supportive in that staff feel safe in reporting incidents or behaviours to their cyber security team, this will then help cyber teams to identify and contain the attack quickly and stop bad actors from gaining further access to networks and important data."
Secureworks' recent Incident Response Report identified a significant increase in Business Email Compromise (BEC) incidents, which doubled in 2022, surpassing ransomware as the most common financially motivated cyber threat to organisations. The rise in BEC incidents can be attributed to a surge in successful phishing campaigns.
"To improve an organisation's security culture, it is essential to help all staff understand their role in keeping digital identities safe," says Tilley.
"This is not necessarily about offering cyber training but more broadly about helping everyone in the organisation understand they have a responsibility to report anything suspicious," he says.
"There is no perfect way to do cybersecurity as cyber criminals know IT-based protections are getting better, hence the shift towards human-based attacks such as ransomware and BEC," Tilley says.
"Empowering analysts to investigate authentication fatigue and engaging them with meaningful training that provides everyone with lessons learned are some of the ways organisations can further improve their security culture."
For organisations with a stretched IT team, engaging a cybersecurity service provider such as Secureworks will enable them to have full visibility of their environment, so they can identify an attack immediately and quickly prevent it from progressing further.
"At the end of the day, we all play a role in protecting our people and data; it shouldn't fall solely on the shoulders of the cyber teams," Tilley says.
"By fostering a supportive security culture where all staff feel empowered to report cyber incidents, this will go a long way in avoiding costly breaches."