Training should be an integral part of your cyber security strategy

How can company bosses be expected to make big decisions about the parts of their business that they just don’t understand?

The regularity with which large-scale data breaches seem to appear in the media headlines is near impossible to ignore. The fear of falling victim to such an attack is an everyday reality for most organisations, which is why so many invest heavily in cyber security. Spending extra money on defences will help but it’s certainly not where the efforts should stop.

According to a new study from the Ponemon Institute, most IT bosses are pushing their companies to increase their tech focus, but few are following this up by making sure existing staff are ready. Upskilling is a big ask, but it is absolutely necessary if companies are to get the return on investment their CIOs are promising.

The group’s researchers surveyed 5,000 security professionals as part of the study and unearthed a distinct lack of cyber security among executives. CIOs may be spearheading their firms’ tech drives but it’s the C-suite bosses who spend the money and have the final say. They should, therefore, have a decent understanding of the constantly changing IT landscape and its countless threats.

This issue isn’t likely to exist forever; it’s clear that a new tech-savvy generation is entering the workforce at the moment, and within the next decade or so, more and more C-level positions will be taken by these IT-familiar workers. There will always be a skills gap between specialists and their bosses but it is closing. For now, though, proper training must be a priority. Knowledge is power, and it has to be shared.