Who Is Responsible for Cybersecurity Resilience? It’s Complicated, But it Doesn't Need to Be
As our cybersecurity response capabilities and tactics continue to improve, so, unfortunately, do the tactics from threat actors. Cybercrime has increased 600% during the COVID-19 pandemic, according to PurpleSec reports and combatting these incidents is a growing problem that continues to escalate despite our best attempts at mitigation and prevention. Why does this continue to happen and what should we be doing differently? It may be time to review the role of responsibility among all involved.
Everybody Has an Obligation to Protect Data, Systems
In almost any discussion of cybersecurity, the question arises: whose responsibility is it?
- Are MSPs responsible for ensuring companies are protected?
- Are companies responsible for their own cybersecurity initiatives and measures?
- Should the government be involved with mandating cybersecurity protocols?
- To what degree are users responsible for protecting their own information?
Round and round we go.
When it comes to cybersecurity, there is often a conflicting understanding of who is responsible for ensuring the safety of company data and systems. Experts argue that the management of cybersecurity should not lie with a single entity, even when that entity is a partner who specializes in cybersecurity. In fact, most industry professionals are pushing more toward a community of shared responsibility, where every party assumes a certain level of ownership when it comes to protecting their information.