Are We Looking After The ‘PEOPLE’ in People, Systems & Processes?

In Cyber Security circles, the term, ‘People, Systems and Processes’ (P-S-P) frequently does the rounds.

My question to my professional network is – “How often do we invest in the ‘People’ factor?

Stats and evidence confirm, ‘negligence’ is one of the main causal factors for a data breach. Investing in people, their training, encouraging them to do the right thing – these are keys to building great security practices.

Many organisations forget that it is the ‘people’ who implement systems and use processes. Even with automation in place, if ‘people’ don’t follow the process, a security system cannot be successfully implemented.

Recently, we were performing an audit for a client. A staff member at the organisations had switched OFF the automated security alerting system during the testing phase, to keep the noise low. He then forgot to switch it back ON. This team member moved on from the company. No one figured this out until after 6 months and a data breach!

What I am sharing with you is not anecdotal. This happened. Keen to know what you are doing to focus on the ‘People’ piece?

Ajay Unni

Ajay Unni is the Founder and Chief Executive Officer of Stickman. Ajay specialises in helping customers manage the growing threat of data breaches and compliance with globally accepted industry standards for data security and compliance. More articles by Ajay Unni

Leave a Reply

Your email address will not be published. Required fields are marked *


Subscribe to Our Insights

This email address has already subscribed!