Security threats aren’t going away or getting any easier. With brand reputation, customer trust and financials on the line, CEOs are taking security more seriously than ever before. In fact, in a study we conducted at Pluralsight, 40% of technology leaders identified information and cybersecurity as the number one skill they need to grow on their teams.
Building a strong security team with relevant skills is an important step, but it’s not the only one. Organizations with the best security posture live and breathe a security-centric culture. Every employee keeps security considerations top of mind, regardless of their role or responsibilities.
So what does that look like in a real company environment? It’s not as simple as presenting one-size-fits-all training to your entire employee-base. To truly instill a security-first mindset from engineering to HR to sales, you need to get buy-in from each department.
Contextualize the risks for each segment of your organization. Speak their language; don’t just spout infosec jargon and use low-level examples. Once your employees understand how threats and vulnerabilities impact their contributions to the business, they’ll feel more ownership over the problem.
Involve the c-suite
Above all else, creating a security-conscious environment needs to come from the top-down. How can you expect the rest of your organization to follow best practices if their leaders don’t? As an executive team, you need to be the strongest champions of security, and your behaviors need to follow suit.
At Pluralsight, we understand the challenge organizations face as they try to keep up with evolving threats and an ever-changing technology landscape. We face them too. That’s why we offer comprehensive content to help your org gain critical skills in digital forensics and incident response, secure coding, penetration testing and compliance.
And it’s also why we just launched a free course series, Creating a Security-centric culture, with world-renowned security expert Troy Hunt. Troy’s first course in the series is available now (you can watch it here), and it shows you how to start embedding security into your organization from the start. With a company-wide commitment to best practices, you can focus on growing and evolving your business — not trying to recover from a devastating breach.
Pluralsight is an enterprise technology skills platform that delivers a unified, end-to-end learning experience for businesses across the globe. Through a subscription service, companies are empowered to move at the speed of technology, increasing proficiency, innovation and efficiency. Founded in 2004 and trusted by Fortune 500 companies, Pluralsight provides members with on-demand access to a digital ecosystem of learning tools, including Pluralsight IQ, directed learning paths, expert-authored courses, interactive labs, and analytics. For more information, visit www.pluralsight.com.