* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/)
* Building Strategies to Ma...

# Building Strategies to Make Sure Cybersecurity Is Everybody's Business

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F07%2Fcso-building-strategies-to-make-sure-cybersecurity-is-everybodys-business%2F)  
[](https://twitter.com/share?text=Building+Strategies+to+Make+Sure+Cybersecurity+Is+Everybody%27s+Business&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F07%2Fcso-building-strategies-to-make-sure-cybersecurity-is-everybodys-business%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2016%2F07%2Fcso-building-strategies-to-make-sure-cybersecurity-is-everybodys-business%2F&title=Building+Strategies+to+Make+Sure+Cybersecurity+Is+Everybody%27s+Business&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2016/07/cso-building-strategies-to-make-sure-cybersecurity-is-everybodys-business/&ts=markdown)  
\[\](mailto:?subject=Building Strategies to Make Sure Cybersecurity Is Everybody's Business)  
Link copied  
By [Greg Day](https://www.paloaltonetworks.com/blog/author/greg-day/?ts=markdown "Posts by Greg Day")  
Jul 29, 2016  
4 minutes  
[CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown)  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Gartner](https://www.paloaltonetworks.com/blog/tag/gartner/?ts=markdown)  
[General Data Protection Regulation](https://www.paloaltonetworks.com/blog/tag/general-data-protection-regulation/?ts=markdown)  
[NIS Directive](https://www.paloaltonetworks.com/blog/tag/nis-directive/?ts=markdown)  
[Research](https://www.paloaltonetworks.com/blog/tag/research/?ts=markdown)

Cybersecurity is continually a focus of news headlines and remains very much a topic under discussion across the globe. As the world, its devices and its systems become increasingly connected, the need to have the right cybersecurity defences in place is clear and increasingly understood.

Businesses are certainly aware of how much damage a successful data breach can cause, so much so that it's become a major boardroom issue, with employee education and their role in preventing cybersecurity incidents key in the thinking of directors and executives.

In Europe, firms also have new laws to think about in the coming years, particularly with new legislation coming in from the EU. The Network and Information Security (NIS) Directive and the General Data Protection Regulation (GDPR) come into force in May 2018.

So the question is, how prepared is Europe for breach prevention and the ability to apply the "state of the art", as well as for the notification of authorities in the event of a breach, be that aligned to the protection of EU residents' personal data or the broader requirements to notify around certain security incidents set out in the NIS Directive for operators of essential services and the lighter requirements for digital service providers?

Results from our research, "[Clearing the Path: Preventing the Blocks to Cybersecurity in the Business](https://www.paloaltonetworks.com/resources/research/preventing-blocks-to-cybersecurity-in-business?ts=markdown)", are encouraging. The research showed that European businesses certainly understand what's at stake, with 96 percent of business decision-makers acknowledging that cybersecurity should be a priority.

### Cybersecurity is not yet everybody's business

But it's not all good news. Cybersecurity should be everybody's business, but it seems that this isn't always true in practice -- one in five management-level employees don't feel they have a role to play in cybersecurity, while 40 percent believe that IT alone would be held to blame in the event of a breach. The upcoming pieces of legislation mean that such a legacy view will no longer survive.

By now we should all understand that cybersecurity isn't just an IT issue but a business practice that needs to involve all employees and all departments. Our research indicates that this isn't easy, as some cybersecurity policies have a negative effect on productivity -- one in five respondents feel policies are frustrating and can prevent access to tools they need to do their job well.

On the other hand, our research indicated that 61 percent of respondents would make sure that they spoke with IT before introducing a device onto a corporate network. While that is an overwhelmingly positive figure, it leaves 39 percent of employees not engaging with IT before connecting -- a high margin for risk. There was also some concern around temporary employees, such as contractors; 16 percent of respondents said they had observed that a temporary employee had circumvented policies.

It seems that, even though the bring-your-own-device (BYOD) model has been around for a long time, many companies still have trouble managing both personal and business access, especially with the boundaries between consumer and corporate cloud services becoming increasingly less clear.

### Viewing cybersecurity as an integral part of the business

So there is still work to do, but progress is being made. Cybersecurity is becoming a boardroom topic and an integral part of the business. To continue along this path, organisations must understand that cybersecurity education, empowerment and implementation are all ongoing processes. This will mean continuing with education efforts and ensuring employees, both in full-time and non-permanent positions, have all the skills and training needed to identify and prevent threats.

The immediate challenge is to adapt to the cybersecurity requirements laid out by GDPR and the NIS Directive, which create a compelling case to prevent cybersecurity breaches. Looking at the bigger picture, organisations need to prepare for a period in which the number of devices is expected to grow exponentially as more data flows between businesses. Gartner [says](http://www.gartner.com/newsroom/id/3291817) that 25 percent of identified attacks will involve the internet of things (IoT) by 2020.

Future cybersecurity strategies also need to keep in mind that employees will demand choice over the devices and services that they use. Organisations must enable this, rather than dictate, and that may well mean looking at next-generation security tools designed for a modern computing environment.

*** ** * ** ***

## Related Blogs

### [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### CISOs Must Incorporate Regional Laws and Regulations into Cyber Strategy](https://www.paloaltonetworks.com/blog/2018/06/cisos-must-incorporate-regional-laws-regulations-cyber-strategy/)

### [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### CISOs Must Address the Cybersecurity Skills Gap and Increase Cyber Awareness](https://www.paloaltonetworks.com/blog/2018/06/cisos-must-address-cybersecurity-skills-gap-increase-cyber-awareness/)

### [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### CISOs Must Embrace the DevOps Philosophy](https://www.paloaltonetworks.com/blog/2018/05/cisos-must-embrace-embrace-devops-philosophy/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown)

[#### Winning the AI Race Starts with the Right Security Platform](https://www.paloaltonetworks.com/blog/2025/12/winning-ai-race-starts-with-right-security-platform/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### A CIO's First Principles Reference Guide for Securing AI by Design](https://www.paloaltonetworks.com/blog/2025/11/cios-first-principles-reference-guide-securing-ai-design/)

### [AI Governance](https://www.paloaltonetworks.com/blog/category/ai-governance/?ts=markdown), [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

[#### AI, Quantum Computing and Other Emerging Risks](https://www.paloaltonetworks.com/blog/2025/10/ai-quantum-computing-emerging-risks/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language