- Security TWENTY
- Women in Security
CEOs’ and senior executives’ reluctance to incorporate regular training and job development into their roles is directly affecting organisations’ ability to manage ‘Digital Age’ risks such as cyber crime, according to a certification firm.
Richard Pharro, CEO of APMG, suggested there is an inherent culture of providing relevant training courses for employees on the ground and middle management, while C–level positions fail to benefit from up-to-date skills development. In an ever-changing digital landscape, Pharro said, the roles and responsibilities of senior executives are also developing in tandem. He said: “CEOs by their nature are highly motivated and skilled individuals and most will value the training available to their employees in order to develop skills and increase the quality and range of their output. However, the value of training doesn’t stop at middle management – learning should never stop, especially in today’s digital world. CEOs staying informed on current cyber security risks has a positive impact in the boardroom and beyond.”
Board-level inexperience of the technical procedures required to defend against and respond to breaches is widespread among CEOs, Pharro said: “In part due to a lack of free time and in part due to a perceived view of cyber security as tangential to their core role, CEOs often overlook cyber training. Taking into account the number of cyber attacks that have become public in the last 12 months or so, any large organisation must view a breach as inevitable.
“In order to deal with the range of threats faced by an organisation on a daily basis, its cyber security strategies must consider all possible technical or cultural factors that pose a degree of risk. With the right skills in place, an appropriate response to threats can be effectively communicated across the whole organisation in a common language. RESILIA from AXELOS introduces a framework of best practice that builds cyber resilience skills across an organisation, from the CEO down, through a range of certifications and awareness tools.”
He added: “I strongly encourage CEOs and senior executives to consider how cyber training might fit into their roles, as it is fast becoming essential in the on-going fight against cyber crime. True resilience led by the CEO will reduce the likelihood of a breach, and help plan a fast organisational recovery if such a breach does occur in the future.”