There is little doubt Cybersecurity is an escalating problem in all parts of the globe and has become a major concern not only for IT professionals, but also for any business owner who wants to protect their business.
Unfortunately many businesses don’t understand what cybersecurity is, and this lack of understanding is one of the biggest obstacles preventing companies from dealing with cybersecurity in the proper way.
IT expert Roger Smith has a simple, yet clear message for business owners. Make Cyber Security “your problem”.
Smith says: “There needs to be increasing awareness from the business owner and staff. It’s easy to put the technical things in place, but until you start training your people and start putting the right management components in place, then it’s not really worth doing anything at all. You’ve got to have your management, policy and awareness all tying together. Staff need to understand that it only takes a double click to take you from being really secured to being really exposed. People need to understand why they should be doing this. It’s not just to protect their business, but it’s also to protect their clients. You have to put protective measures around the information you collect to a point where the whole environment you’re working in as a business has got checks and balances to make sure that people are not compromising the business.”
A recent US Whitehouse release stated that “Cyberspace touches nearly every part of our daily lives. It’s the broadband networks beneath us and the wireless signals around us, the local networks in our schools and hospitals and businesses, and the massive grids that power our nation. It’s the classified military and intelligence networks that keep us safe, and the World Wide Web that has made us more interconnected than at any time in human history. We must secure our cyberspace to ensure that we can continue to grow the nation’s economy and protect our way of life.”
A recent article by NextGen Distribution agrees: “Companies must develop a governance framework for elevating security issues and evaluating their impact to the business so that appropriate risk handling can be applied. A major weakness in the approach to cyber risk and cyber security to date has been the tendency to isolate it as a specific threat involving IT. This creates a vacuum in an essential chain of necessary response – as cyber risk has become equated with operational risk rather than strategic risk – that involves the entire business in a holistic manner. Leadership must be on-board.”
Roger Smith says: “Our mantra for business is “Cyber security is my problem”. It’s how you get people to understand not to rely on anyone else to protect you. Take ownership and responsibility. Protect yourself by using complicated and different passwords on every site. Guard what you say online, especially on social media. That way you take the awareness of protecting your business from everybody else and put it back on you and you will end up with a more secure business”
Business owners think it’s easy to secure their IT network. When a threat is discovered, they go and buy an off the shelf solution recommended by sales staff in a local store, which is often not the best solution. They react to a situation that has arisen, rather than having a strategic protection plan in place. Business needs to ensure if something major does occur, they are in a situation where they can recover everything by having an offsite and onsite backup solution in place.
If a major event does occur, you can “virtualise” and bring the system back up, rebuild the server and continue business. That way you protect your business no matter what happens.
When it comes to technical solutions for the IT world, there is a fine line between getting it right and getting it badly wrong. Engaging an experienced IT security consultant will help get the right solution in place and ensure correct policies and procedures support it. The finer technical details of cyber security are often alien to people not involved in the cyber-crime area and this is what an expert brings to the table.
To find out more about the risks of cyber-crime to business, visit: www.smesecurityframework.com.au.