October is National Cybersecurity Awareness Month, a campaign created by the U.S. Department of Homeland Security to reinforce the importance of Internet security. This year, we hardly need reminding.
We have the history-making Equifax breach of late September to thank. The breach of the credit reporting company’s repositories compromised personal data of more than 145 million people, potentially affecting nearly half of the U.S. population. During a handful of congressional hearings on the topic in early October, former Equifax CEO Richard Smith said the breach was the result of technical errors, but mostly a human one — Smith blamed a single individual in the company’s technology department for not applying a security patch to a software vulnerability in a timely manner, therefore leaving a back door open for hackers.
However, much like the members of Congress who questioned Smith during the hearings, we should be asking how such a thing could happen. How could the safety of millions of people’s personal and financial information be, in essence, left in the hands of a single individual?
In my opinion, the answer to that question comes down to leadership.
In today’s digital age, every business must cultivate a culture of cybersecurity. This responsibility must be borne not only by the Chief Security Officer (CSO) or the Chief Information Security Officer (CISO), but by all STEM leaders. These leaders need to be well versed in how their organizations protect customer and employee data, manage risk, and maintain compliance, and actively share that understanding with the C-suite and board. Furthermore, they need to systematically seed cybersecurity awareness throughout companies. Read more on the importance of the cybersecurity leader’s role: