Since 2020, waves of ransomware attacks have battered both private and government sectors. To combat this, the U.S. government has released a strategy aimed at pushing federal agencies to boost their cyber security efforts.
According to CNN, the plan aims to integrate a “zero-trust” approach to cyber security, a philosophy which dictates that a network should trust nothing outside its confines. Under this approach, federal employees will have to go through numerous layers of security to sign into agency networks. It will also require organizations to keep a complete inventory of electronic devices on their networks.
The plan, announced in a memo by the Office of Management and Budget at the end of January, comes on the heels of a cyber security executive order signed by U.S. President Joe Biden in May 2021. Agencies will have until the end of 2024 to meet these requirements.
The U.S. government is also taking steps to secure the country’s water supply, which, according to The Washington Post, spans 150,000 water utilities. As reported by ZDNet, the Industrial Control Systems Cybersecurity Initiative — Water and Wastewater Sector Action Plan will set up a leadership task force from across the water utility industry, launch incident monitoring pilot programs, enhance information sharing, and offer technical support to water systems that need assistance.
Survey Finds Three Major “Perception” Gaps Between Security-Focused Executives
The private sector is also taking steps to prioritize cyber security. However, according to the Global Cybersecurity Outlook 2022, which surveyed more than 120 global cyber leaders, there are some differences in how security-focused executives perceive cyber security matters within their organizations. According to the World Economic Forum, these “perception gaps” include:
1. How much cyber security is prioritized in business decisions:
While 92% of surveyed business executives thought cyber security is “integrated into enterprise risk management strategies,” only 55% of security-focused executives agreed.
2. Obtaining cyber security support from leadership:
While 84% of respondents said cyber resilience is seen as a business priority in their organization that is supported and directed by leadership, only 68% saw it as a major component of their risk management. Many leaders charged with cyber security reported they were not being consulted on business decisions. This disconnect could become a problem that could detrimentally affect security.
3. Recruiting and retaining cyber security professionals:
59% of respondents said it would be challenging to respond to a cyber security incident due to their teams lacking skills. As such, most respondents saw recruiting and maintaining talent as their biggest challenge. However, business executives seemed “less acutely aware” of the gap between the skills possessed by staff and the skills needed.
Given these findings, executives should take steps to ensure they are incorporating the perspectives of their cyber security leadership in business decisions, and should also ensure they are prioritizing cyber security in all aspects of their decision making.
Improving Cyber Security in Your Organization
Are you facing perception gaps that are hindering your cyber security practices? What are your cyber security resolutions for the coming year and beyond? Having the proper tools and systems in place can prevent data breaches and cyber crimes. As the world becomes more automated, it’s crucial for your organization to understand available cyber security measures to protect its data and devices. Cyber Security Tools for Today’s Environment, an online 11-course program from IEEE, helps businesses improve their security techniques.
Contact an IEEE Account Specialist today to get access to the course program for your organization.
Interested in learning about getting access to the course for yourself? Visit the IEEE Learning Network to learn more.
Lyngaas, Sean. (26 January 2022). White House attempts to strengthen federal cybersecurity after major hacks. CNN.
Bissell, Kelly and Pipikaite, Algirde. (18 January 2022). What you need to know about cybersecurity in 2022. World Economic Forum.