Company
Proactively managing information security risk through education and awareness.
Organizations are having an increasingly difficult time security their confidential information. Meanwhile, regulators, customers, and boards of directors are requiring that they do more.
Responsibility is often placed directly on the IT organization to solve the problem, yet information security is fundamentally a people problem. People design all computer systems and use the data within them to perform their jobs.
If people are part of the security problem, they must be part of the solution. Safelight Security Advisors designs, develops, and delivers state of the art information security education and awareness programs that bridge the gap between business and technology.
Security education should target the entire enterprise, not just the developers. Enterprise-wide security education provides a number of major benefits:
- Security education and awareness is best understood from the top down. Teaching executives about security and the downside risk of data loss means that time and budgets will be considered in the corporate planning process.
- Teaching project managers about security gives them an appreciation for what their developers are up against
- Teaching developers how to code securely significantly reduces security issues
- Teaching general employees about security significantly decreases the likelihood that breaches will occur and when they do they are properly reported. Security is only as good as the weakest link, and security is much too big to be solely the Security or IT department’s job.
