Top 10 Ways Cybersecurity Threats and the Pandemic are Alike
I never thought, even after countless Hollywood’s dystopian movies I have seen, I’d experience a pandemic in my lifetime. A cybersecurity incident on the other hand, I absolutely knew I would experience. Either on behalf of a client, or within the walls of my own organization.
“It’s not if, it’s when,” the experts tell us.
Trust me, I have some grey hair, emphasis on the some. I like to call this grey hair: experience. Like many other experienced IT professionals, I’ve drawn strong parallels to the world of cyber security from my short time living through a pandemic. There are valuable lessons for business leaders, but the lessons are only valuable if leaders shift their attitudes from a false sense of security due to obscurity to acceptance and sensible action.
THE LIST: Let’s count them down.
10. The threat is REAL.
Debate is rampant around the size and level of risk of cyber security threats. Is it media hype? A conspiracy even? What we learn as time goes on: the threat is real. It is afflicting businesses large and small. The threats don’t discriminate.
The lesson: Don’t get caught up in dismissing cyber risks as hoopla, corporate greed or noise.
9. Incidents are happening to other organizations. Until it hits your circle, the threat seems distant.
During a pandemic you and your family are healthy until your not. Cybersecurity threats feel the same way; systems and data are healthy until they aren’t. A sudden change hits home, and your world is changed.
The lesson: Feelings of security are false given the ubiquitous nature of a pandemic and of cyberthreats.
8. There are lots of opinions out there.
America is the land of free speech, and boy do people exercise their rights! Cyber security is no exception. Folks have stories, strategies, and where there is money to made, plenty of “solutions” to offer.
The lesson: Stick to the facts. Cyber security models and approaches are mature and organizations need to avoid the noise and simply work towards alignment.
7. Sensible hygiene for EVERYONE!
Everyone has their habits. Humans like a good routine. When a new threat emerges it is tough change those habits. Then there is the question: what are the new habits to adopt? In the world of cyber security there are countless tactics organizations could implement into technology and behaviors.
6. The higher the risks the more precautions are necessary.
In addition to the sensible hygiene tactics, certain organizations required more advanced tactics. A simple check list of advanced controls organizations with greater risk should implement.
5. Being careless affects other people.
A cyber breach costs money, reputation, operational capacity and in rare but brutal cases the end to an otherwise healthy organization. People’s livelihoods are affected. It’s not life or death pandemic-level outcomes, but it is real impact to the stakeholders of an organization.
The lesson: Take care to align the controls, behavior and cyber security budget with the reality of the risks.
4. “Close to you” infections are painful.
A breach of any kind in an organization’s circle is painful. Even if data or systems are not ultimately lost, massive amounts of time, production and confidence will be.
The lesson: Take the necessary precautions.
3. The complexities are continuously evolving.
A changing cyber threat landscape is the new normal given the variables involved with attackers, technology and an organization’s workforce.
The lesson: Don’t take a one and done approach to protecting an organization, continue to assess the landscape, standards and work towards alignment in the areas it makes sense.
2. Behavioral change and new tools are required.
Wash hands, wear a mask, etc. The pandemic powers have drilled the key changes people needed to make in their day to day to better protect themselves. Every cybersecurity professional will highlight human behavior as the #1 gap to digital security. Educating and reinforcing good behaviors when using technology will better protect an organization.
Organizations have implemented countless new digital and physical tools to protect people in buildings, public transportation, etc. during the pandemic. Implementing new cyber tools will also lessen the likelihood, impact and damage of a cyber security incident.
1. Risk mitigation requires LEADERSHIP.
Leaders of American’s small and mid-sized organizations are busy. Busy managing people, strategy, finances and traditional risk. Other priorities are holding them back.
The lesson: Take the time to assess cyber risk. Risk assessments are affordable, understandable and will help leaders understand their gaps and what actions can be taken. The information will lead to consensus about what is worth doing to keep the organization healthy.
While the world has not experienced a worldwide cyber pandemic level infection (thank goodness) many organizations have been breached independently.
Organizations with less than 150 employees lack the protections they need, and their leaders are struggling to lead them to safer ground. Find a qualified cybersecurity provider to help you asses your threats and address them affordably based on the size, scope and risks in your organization.
Let's Work Together!
Schedule a discovery meeting with one of our Business Development Executives to discuss how First Call can help you solve your Cybersecurity frustrations!