People like me and the security community have been screaming for the last 10 or so years about the problems, issues and dangers that the digital world delivers to business.
We have shown numerous times that the digital realm is a huge problem for anyone who thinks that:
- they are not a target,
- they have nothing worth stealing or
- cyber security is too expensive.
Time and time again we have seen data breaches and ransomware attacks that have crippled organisations, both large and small.
We have seen the most secure people in the world get breached time and time again.
Still no one is listening!
We are told we are being scaremongers and unrealistic, and our reputations are even called into question. BUT, we still see the problems and although we are screaming we cannot convince people to do something about it.
Like me, there are a number of people or organisations who are more interested in education and the process of education and training than selling tin (unnecessary technology) to a business.
We are more interested in raising awareness, and raising awareness is where we need to start.
As a CEO, manager, owner or board member you already have a handle on risk management. You live and breathe cashflow, revenue streams, management teams and HR; it is all part of the process of being in charge. All this is taught in managers' school or, more importantly, the school of hard knocks.
If you don’t learn these basics then you are going out of business. Slow or fast you will eventually go out of business.
There is a saying that “you don’t know what you don’t know”. In today’s business world that is a specific reference to the digital realm.
We are all focussed on new and shiny, even I get caught up in the hype of new “whatever”. Most of them have a digital component incorporated into that new shiny thing.
We seldom look at the complex systems that make that part of the digital world work for you. It is complex!
As a CEO you need to understand the risks that cyber delivers to your organisation. Where do you get that understanding?
In most organisations business security lands smack bang on the desk of the IT section, the person who knows computers or the risk compliance officer.
They do not know what to do. They need guidance, direction and, most importantly, they need the AUTHORITY to enact change.
Business security is a very specialised area of expertise. You need to enact a framework.
You need to spend money wisely.
You need to continuously work on making the organisation more secure. Today we are more secure than yesterday!
Without understanding the risks, implementing change and giving a responsible person the authority to make change you are ignoring the Cyber Realm.
Without enacting a framework, you are at the mercy of the next cyber event.
Without a framework for business security you are not a very good CEO. That would really hurt.
Roger Smith is a highly respected expert in the fields of cyber crime and business security and is a Lecturer at ADFA (UNSW – Australian Centre of Cyber security) on Cyber crime, Cyber security and the hacking techniques used by the digital criminal.
He is an Amazon #1 selling author on Cyber crime with his best-selling book, Cyber crime a clear and present danger, going to number one in 3 sections of Amazon.
He is the primary presenter for the Business Security Intensive (BSI) and author of the Digital Security Toolbox which is given away for free at the BSI. He is a speaker, author, teacher and educator on Cyber crime and an expert on how to protect yourself, your staff, your clients and your intellectual property from the digital world.