SAT for ESG: Protecting critical relationships

As companies, investors, and consumers increasingly focus on environmental, social, and governance (ESG) issues, cybersecurity is more important than ever. So important, in fact, that this was the topic of NINJIO CEO Shaun McAlmont’s most recent article for Cyber Defense Magazine. 
As Shaun explains, cybersecurity has a broad range of ESG implications: from keeping sensitive customer data secure and private, to protecting the entire country by thwarting attacks on critical infrastructure, healthcare services, government entities, and other institutions that are necessary for our communities to function. 
Evolving tactics among cybercriminals and surging rates of successful attacks mean companies are more responsible than ever for protecting sensitive information and ensuring that their systems aren’t compromised.  A 2021 KPMG survey of CEOs found that they regard cybersecurity risk as their top threat to growth—a risk consumers and investors are taking more seriously by the day. Meanwhile, companies are still relying on remote work—which presents an array of cybersecurity challenges, from the use of insecure home networks and IoT devices to risks of using public WiFi.
According to a 2022 Edelman report, 88 percent of institutional investors “subject ESG to the same scrutiny as operational and financial considerations.” For most companies, how cybersecurity is implemented and prioritized is a core part of their overall governance as it directly impacts data security and privacy, continuity of service and technology, and the operational integrity of their networks and systems. 
Here are three things to consider: 

ESG reporting on initiatives related to cybersecurity not only builds trust with investors and provides a level of transparency for public records, but also ensures compliance with regard to consumer data protection.

A robust cybersecurity platform is indispensable to meeting basic ESG criteria—from the protection of sensitive customer information to the adherence to laws and regulations around data privacy.

A well-trained workforce is a company’s most significant cybersecurity asset; the vast majority of cyberattacks rely on social engineering: the deception and manipulation of human beings to infiltrate an organization. 

At a time when ESG is a major area of focus for companies of all sizes and consumers are worried about how their personal data is being used, cybersecurity has never been more vital. This is why an effective cybersecurity awareness platform—complete with engaging security awareness training (SAT) for all employees—is a must-have.
For more information on cybersecurity is critical for ESG, read Shaun’s full article here (pg. 211).