When guards fail, the king throws out the guards! Should cyber sec be the same?
No, only the leadership.
I think it depends on the root cause of the breach and what if any failures occurred on the part of the cyber sec team.
If the breach is caused by a phishing credential compromise, and the cyber team regularly runs phishing tests, but is prohibited by the CFO from imposing consequences or re-training on anyone who fails, then it would hardly be fair to fire them all for something they were prevented from preventing.
It very much depends on what failed and how.
In my experience of a significant breach, the leadership team tried to fire the cyber security manager.
But it turned out he had emailed people about the issue months before. The leadership team had declined the money to fix the issue.
The job of the cyber security team is not always to fix everything; it's to ensure the leadership team is aware of the risk of not dealing with issues.
If the cyber manager or team have not been looking for risks and issues then that’s a failure, but more often it’s the leadership team who won’t listen or don’t understand the risks presented to them.