‘Go beyond tech to fight cyber attacks’
Companies must build a “human firewall” to combat internet-related security issues, as cybersecurity is also a people, and not just a technology, issue.
“people are our first line of defense. it is best to upskill their competence and capabilities on cybersecurity and help them reduce the risk of security breaches,” said mhycke C. Gallego, advisory practice Leader of p&a Grant Thornton, one of the country’s leading audit and professional services firms.
in an increasingly digital world, making employees vigilant against real-life cybersecurity attacks demands more than just complying with information, technology and cyber security training requirements.
To strengthen the human firewall, the organization should undergo a change management process “so people will be able to manage the shift brought about by digitalization, as well as understand its impact to the overall it governance process,” said Gallego, a certified risk and information systems control (CRISC) and risk management assurance (Crma) professional.
To enable firms to influence employee behavior and reduce information, technology and cyber security risk at every level of the organization, p&a Grant Thornton introduced Vigil@nt Cybersecurity, an online service platform that helps businesses and organizations design, implement, and monitor their internal cybersecurity awareness and training programs.
The company drew on its own years of experience in running information, technology, and cyber security learning and development sessions for its employees to come up with Vigil@nt Cybersecurity and offer it to clients and partner-organizations.
“at p&a Grant Thornton, we are exposed to having conversations with our clients’ board of directors, senior management, and those in operations as part of our regular work. This enables us to understand their needs at various levels and customize the delivery of cybersecurity learning programs,” said Gallego.
While p&a Grant Thornton is known more for its role as an auditor and business adviser, Gallego said it also conducts information, technology, and security audits to clients. “We have also been providing vulnerability assessments, penetration testing, and technology security assessment and other reviews to our clients. This enables us to bring our wealth of experience, as well as tap from resources within Grant Thornton’s global network, in our interaction with clients.”