Intelligent CIO North America Issue 46 | Page 83

FINAL WORD
That isn’t to say that the people in organisations are the weakest link. In fact, they can be one of the strongest defences if given the right support, training, and tools to help protect the data.
When it comes to managing human risks, individuals likely possess all the data necessary to get started.
But an effective strategy for approaching human risk management needs to be put in place.
A three-step approach of monitor, reduce, fix provides a useful framework that starts with analysing the data on the risks that employees are causing, coaching them to reduce the likelihood or severity of incidents and fixing the issues raised automatically or nudging them to fix them directly.
Organisations that do well at protecting personal data tend to have a positive attitude towards security – what we’d call a strong security culture.
One of the key indicators of a strong security culture is when people in organisations are not afraid to come forward when they have made a mistake.
If colleagues feel safe, knowing that they won’t get blamed for an honest mistake and that their organisation is going to work with them to rectify the problem, then they will report what needs to be fixed.
But what if there is a punitive culture, where people feel they will be punished for making mistakes?