ABSTRACT
In the enterprise, cybersecurity programs exist to protect the confidentiality, integrity, and availability of the information of the business. Some cybersecurity programs on the surface may be striving to maintain confidentiality of intellectual property, others focus on the availability of information systems, and others focus on maintaining compliance with privacy regulations in their given field. Regardless of its focus, however, the ultimate goal of any cybersecurity program is to allow the organization to effectively conduct operations while sufficiently reducing financial, reputational, or functional risk. Enterprise solutions involve a widespread array of technical tools including protections for hardware, software, databases, and physical security to reduce this risk, but the most important aspects of any cybersecurity program are the organic pieces between the seats and the keyboards, e.g., the users.
