Cyber-attacks are no longer purely an IT technical issue. Your management decisions, business processes and practices - the activities of your staff and even the actual setup of your physical business environment - can put you at risk of severe losses.
There is currently a significant shift in cyber-security thinking towards people and the processes and practices of organisations and conventional managment decision making rather than purely technical cyber-protection.
Until recently, the focus of cyber-protection has been almost solely on the technical - hardware, software and networks - anti-virus, firewalls, secure servers.... The underlying reasoning was cyber-attacks were through networks, hardware and software and this took technical experts to understand. Cyber-defenses were created by the same technical experts with their preferred technical ways of working. Hence, to date, cyber protection has primarily focused onm technical issues.
Now, cyber-attacks target people and their activities as an effective way to get past technical cyber-protection.
That is why BOSS-Gram focuses on supporting managers to make business decisions about their staff, business processes and physical environment to secure their organisation from cyber-attack.
"The clear lesson here is that people matter as much as, if not more than, technology.
(Technology, in fact, can create a false sense of security.)"
J A Winnefeld Jr., C Kirchhoff, D M Upton. 'Cybersecurity’s Human Factor: Lessons from the Pentagon'.
Dr Terence Love
Design Out Crime and CPTED Centre