Home Entrepreneur Your company is a castle. Are you prepared to protect it...

Your company is a castle. Are you prepared to protect it from invaders?

April 21, 2021

5 minutes of reading

Comments expressed by Businessmen the contributors are their own.

Is the chief executive officer of a country consulting firm, I asked hundreds of clients, “What keeps you up at night?” Although I receive a lot of answers, most of them can be summed up in four words: fear of the unknown. I often joke with my employees that I get paid to be paranoid, whether it’s losing a sales deal, predicting a competitor’s movements, or even dealing with politics within a client. mine. In business, I see as a force, allows me to admit that there are many unknowns that can affect a situation and force me to think about multiple situations in order to plan. Much as , thinking ahead of time many steps helps my team predict and plan for changing customer priorities, changing competitors or changing employees.

One area in particular that I continue to be very paranoid about is network security. My business works with many Fortune 500 and companies Agencies take cybersecurity very seriously and this gravity falls on us. For most customers, we have contracts and agreements to comply with our customers’ cybersecurity policies. As CEO, it is my responsibility to make sure we meet these standards and agreements to protect my client information. In addition, I have a responsibility to protect the personal data of the employees they have entrusted to us.

A can have devastating effects on our business and the trust we have with our customers and employees. Perhaps a company like can survive hacked 148 million customer records, but losing the trust of my customers and employees could cause us to stop doing business.

Protecting the data of our customers and employees can be a daunting task, especially with 150 employees and contractors interacting with our customers on a daily basis. Every day, I am responsible for protecting all this data. However, I do not know what information is being accessed, downloaded or emailed within and outside of our company.

Related: 3 Network security measures to stay safe by 2021

Who has the key to the castle?

When I talk to my employees about cybersecurity, I compare the company to a castle with lots of doors. Our job is to ensure that all entry points are protected to prevent unwanted intruders. But equally important is making sure no information gets leaked, either accidentally or maliciously. This includes information in digital and physical spaces.

Once one Over the trench, all bets are finished. And, as Game of Thrones has taught us, an insider allowing the invader through some secret entrance would destroy all precautions. Never underestimate the threat humans have in your cybersecurity strategy. A chain is only strong when its weakest link, and man is its weakest link.

When you think about your strategy for cybersecurity, focus on three F-points: find, fund, and repair. And this is when the paranoia comes in handy. Think about all possible scenarios. Be prepared, because this can be a dark exercise. Some basic scenarios to think about are:

  • What if someone loses their laptop or phone?

  • What if someone compromises their password?

  • What if an employee downloads unauthorized data?

  • What if an employee intentionally forwards data to a third party?

Once you drag the topic to these questions, all kinds of bad scenarios will emerge. And, you will probably start to realize that too many doors open into your castle.

Another important strategy to find out about your network’s security hole is to compare security tools, also known as your security stack, with the standards published by your Institute of Standards and Technology or International Organization for Standardization. This process can be laborious, but if you use Google’s “rationalization tool” you can find a number of companies that can automate this for you.

Related: 6 must-have cybersecurity for your business

Ignorance is a responsibility

As an executive, you don’t need to be an expert in cybersecurity, but the risks and impacts of breaches are too great to not be properly trained. Begins to understand terms like social engineering, phishing, ransomware, and distributed denial of service (DDoS). You need to understand the risks of the third party applications you rely on and your new cloud ability to judge. You also need to be aware of solutions for which you may be asked to fund, such as Single Sign-in (SSO), Multi-Factor Authentication (MFA), Mobile Device Management (MDM), and Broker. Cloud access security (CASB).

Ultimately, decisions on these investments are on company management, many of whom will never understand the specifications of cybersecurity technologies, risks, frameworks, etc. It is important to relate cybersecurity risks to business goals, such as , supply chain, reputation and brand so they can understand where to best invest based on their business goals.

When it comes to cybersecurity, paranoia is a good thing. It keeps you on your toes and you can use it to find blind spot. When you discover your security flaws, you can take action on them.

Related: An Enterprise Leader’s Guide to Cyber ​​Security



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments