ABSTRACT
Building organizational resilience to human–computer threat may be approached through a number of ways, depending on the organization. Management practice should include understanding the organization, as well as the connections to the organization. Organizational resilience begins, in part, before an employee is hired. Ensuring that enough subject matter experts are readily available in-house to manage the need for day-to-day oversight and information assurance is necessary to minimize risk to an organization. Indeed, along with prescreening for employment, as previously discussed, the ongoing monitoring of employees at all levels of the organization is necessary. Training, coupled with an awareness of human behavior including the 32 typologies described earlier, will be an important consideration for organizations. Incorporating accountability into evaluation systems may be an effective tool, especially for management and organizational leaders. Organizations should assess their systems and identify mission-critical functions that rely on main or critical systems.
