What are some of the ways that a leader in an organization can embody and promote security as an organizational consideration?

When the CEO, CFO, CIO, and the CSO of an organization embody and promote security as an organization consideration, it can bring about drastic changes in the culture and security becomes an intrinsic part of the organization. Some of the ways they can do this are-

  • Follow all the security policies
    The security policies that are in place are for all employees and an organization leader should set a sterling example by diligently following them.
  • Attend all the training sessions

When a leader is seen to attend trainings alongside other personnel it sends out a strong message that “security is important” and make the staff sit up and take notice.

  • Diligently follow security best practices with email communication, computer access, and file management
    When a C-Suite executive gets phished the damages are much more than a regular employee getting phished. A security-aware leader understands this and takes extra care in ensuring that he follows security guidelines and best practices.
  • Carve out sufficient budget for security tools and resources
    A leader invested in security will provision for it in the annual budget.
  • Approve security policies
    New security policies which help address loopholes and organization vulnerabilities are approved by a leader who wants to promote security.
  • Send out communication urging employees to attend security trainings
    When the CEO of an organization sends out an email telling his employees to attend security awareness training it can be assumed to be read with attention. This will ensure a higher percentage of attendance.
  • Invite security audits
    Leaders wanting to secure the organization will invite and invest in in-house and third-party security audits which help identify existing organization vulnerabilities.
  • Keep abreast with information security news online
    Leaders who keep up-to-date with the latest news in security understand the impact of breaches and the emergence of new threats.