What about cybersecurity awareness budgets?
If it hasn't support from the CEO nor principal chair..
Great question, and again it is back to the people aspect of it: Every cyber initiative need to spend a significant amount of effort time and money on people for awareness, communication, operating model…
On top of awareness I would say every awareness initiative needs CEO board director’s attention on a continuous basis. And I can tell that this is what we are having at Schneider Electric. But more than that it has to be a mechanism in place in the company.
For example we have a yearly mandatory training for all employees. Second with our IT/ OT initiative we have specific training for specific population. For example in our factories, in customer facing organization with cyber badge…
So here it is a full awareness approach that we have with people and It has to fit with your strategy, with your priority and it comes of course with reality check to make sure that the awareness effort that is done is paying at the end of the day.
Because at the end of the day we need to make sure that it’s not just about awareness, it’s about learning and as a CISO, as a cyber leader in the company, as a manager, I need to make sure that the company is learning from everything that is happening either externally either internally from incidents, from situations with customers…
So we need to learn because we have a lot to learn In every area especially in IT/OT and in digital.
Discuss challenges and get support in energy and automation with 30,000+ experts and peers.
Over 10,000+ support articles are available to help you find answers to your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!