Craig McDonald 19 May 2016 16:55:34 AEST 3 MIN READ

The IT department has become the first line of defence in the cyber war-zone

The IT department is a mainstay in every modern organisation, a crucial element in today’s rapidly changing business environment.

As new software and technologies have emerged, the role of the IT manager has evolved significantly over the past decade, and in tandem so too has the skillset required for the job.

With the continuing rise in cybercrime, the IT manager is arguably the first line of defence in the cyber war zone. Historically, the role of IT personnel was dedicated to being a gatekeeper of information, today it has become a business enabler, involved in every aspect of company activities.

Now it’s no longer sufficient to just have the technical skill set. With the rise in cybercrime, IT and security managers need to build a new, much softer skill set to bolster their organisations against attack. As the role of IT managers expands into new territory, the following skills are paramount to cyber security success.

  1.     The power of persuasion

Having the leadership and mandate to properly articulate the risk of exposure caused by cyber security threats to staff within an organisation is an essential skill required by IT managers. Getting staff on board and aware of the business risk of a cyber-attack is just as important as having the right external security measures in place.

It is all too easy to ignore the human role in cyber breaches and IT managers must educate the organisation. Making employees at all levels aware that they are responsible for contributing to the protection of their organisation, by educating them on procedures and the implications of unsafe practices, is critical to ensuring a strong line of defence.

  1.     Collaboration is key

Being more collaborative within internal business units is an essential skill for today’s IT managers. As the glue that holds together most of the company’s processes, the IT team needs to be integrated into all business functions to ensure the highest level of cyber security intelligence.

Most companies put up castle walls when it comes to cyber security. While this may be somewhat effective at keeping out criminals, it can make organisations oblivious to what is being planned around them and therefore unable to predict or adjust to changing cyber hazards. Equally, collaborating with peer groups in the industry is essential to monitoring potential external threats before they arise.

  1.      Attract and retain top talent

Attracting and retaining the top talent is important for any business function, however in the IT field it is absolutely critical to attract highly skilled professionals. Therefore managers must think outside the box when hiring these employees.

New cyber security challenges require new information security skills in the areas like data protection, privacy and social engineering. The skills needed to combat cyber threats are now vastly different from those needed for traditional IT security and if the company is left with a shortage of these skills it can leave them open and vulnerable to attack.

  1.     Know when to build or buy expertise

IT managers are required to identify when and where external assistance is needed and partner with the right security specialist vendors. Cyber security is resource intensive and constantly changing so it often makes a lot of sense to engage with a company that provides those services/solutions as a core.

This involves evaluating which security measures are vital to business success including considering proactive defence mechanisms, company data preservation methods and downtime response times. Retaining the ability to respond in a fast and smart manner with the least company impact will ensure business continuity in the face of attack.

Ultimately, creating a culture where employees are aware of areas of cyber security concerns and motivated to protect the business is critical to improving cyber security measures. With IT managers at the helm of this movement, their approach to engaging employees and peers is becoming increasingly driven by their soft skills. The key to creating a high level of security is ensuring that the right messages reach the right people and understanding that cyber risk management is a continuous and evolving process.


Craig McDonald is the CEO and founder of MailGuard, a leading Australian technological innovator providing complete enterprise-grade protection against email and web security threats such as phishing and malware, spyware, viruses and spam

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.

Keep Informed with Weekly Updates

^ Back to Top