Reporting lines and Cybersecurity

As the article below indicates, it is critically important that those responsible for cybersecurity in your organization be under a separate reporting structure from those who implement an maintain the equipment. In the article, the Federal Communications Commission, after a year-long review, reversed it’s position that an outage that occurred during 2017 was the result of a cyber attack. Instead, the Office of the Inspector General’s report found that the systems were simply overwhelmed when a television host encouraged viewers to add comments to the FCC’s page. The issue reflected poorly on the prior Chief Information Officer (who was still employed by the FCC at that time), who ran with the cyber attack story. Others in the CIO’s organization disagreed with the conclusion, but didn’t speak up because of fears of retribution.

A well-structured cybersecurity program takes into account these kinds of issues and provides reporting (both automated and people-based) mechanisms to surface these communications issues early, before they become a problem. Fathom Cyber can help your organization create a comprehensive cybersecurity program.