Company directors build cyber security culture

First, the bad news. Cyber security challenges are growing rapidly, and new threats are detected almost daily. There is no such thing as total protection, and even in the best-case scenario, the aim is to minimize losses in case of any mishap.

Then the good news. There’s much that can still be done. A company’s cyber security is based on the culture on which security thinking is built. This refers to a comprehensive approach to cyber security, as a part of the company’s reputation and brand. The management of cyber security risks must be customized for each business so that cyber security is one of the company’s core processes. And the responsibility for making this happen lies with each company’s management.

Niko Candelin, Netox Development Director, has been getting acquainted with companies’ cyber security risks throughout his entire career.  As technology develops and threats increase, it is necessary for individuals to keep learning, and this applies to everyone working with cyber security. During the summer, Candelin participated in a study programme at Harvard University which included the identification of specific cyber security threats, risk management and deflecting cyber attacks. “More than two months of full-time studying was a huge effort, but definitely worth it,” Candelin said. “Cyber security requires constant work.”

Managed cyber security services are a part of Netox’s managed IT services. “We updated the service package in August. I’d recommend every company to check their own CTI situation, for example,” Candelin warned. CTI is an abbreviation of Cyber Threat Intelligence. As a Netox managed service, it means that the client company will get a regular vulnerability analysis of their IT environment, and guidelines for dealing with any weaknesses discovered.

“The cyber security of European companies is developed purposefully. France, Great Britain and the Netherlands seem to be leading the way. The main difference compared to the US is mainly that companies there generally have a completely separate budget for cyber security. “Especially in Finland, it’s part of the general IT budget, or has not been taken into consideration at all,” Niko Candelin estimated. “This approach should be corrected.”