This is one of the 52 terms in The Language of Cybersecurity published by XML Press in 2018 and the contributor for this term is Danyetta Fleming Magana.

What is it?

An ongoing process to define an organization’s risk and threat environment as it relates to its people, processes, policies, and technology.

Why is it important?

Situational awareness provides the foundation upon which to build a strategy for all other activities related to safeguarding your information and reducing cybersecurity risks. Every organization is unique in its mission, culture, and function; therefore, effective risk management requires that business professionals maintain situational awareness to ensure proper focus and perspective.

Why does a business professional need to know this?

The success of any cybersecurity risk management program depends on the ability of an organization to protect information and digital assets. In order to define a cybersecurity risk strategy, business professionals and cybersecurity specialists must understand the environment their organization operates in. In other words, they must have good situational awareness of their environment.

The situational awareness process considers all aspects of an organization from supply chain to information technology in relation to potential cybersecurity vulnerabilities and threats. For example, what would be the impact on your organization if you lost critical privacy or intellectual property? Would such a loss require operations to cease for a period of time or even permanently? Can you manage the operational impact?

If you attempt to define a risk management program without good situational awareness, you are likely to waste resources on strategies and safeguards that either do not achieve an optimal Return on Investment (ROI) or are ineffective.

2013, the danger of losing situational awareness became clear to the department store chain Target when the company’s vendor system was breached, costing the retailer millions of dollars and damaging its reputation. Vendors often have access rights to intellectual property, privacy data, and information systems across multiple business units and functions. Understanding their role in your environment is key to developing an effective strategy to manage cybersecurity risks.