As I’ve said before, I haven’t been hands-on-keyboard for some time. (That’s a term I heard used for the people that do the amazing work of defending networks against the bad guys and I really like it.)
I deal at the business level. I protect the ability of the business to create value. Most of the time in cybersecurity, that is about minimizing risk enough that management can sleep at night. We call that reaching the tolerable risk level. It DOES NOT mean eliminating risk! The only way to eliminate risk is to close that line of business down. If anyone claims to eliminate all risk, run away…fast!
One thing to keep in mind is that some of “the bad guys” are usually much better at attacking then any company is in defending. If a good nation state sets their sites on your company, you better have your ducks in a row! Fortunately, the majority of the attackers out there are not nearly that skilled.
To be completely honest, you can protect yourself from most of the threats out there by doing a hand full of things. It is this list and other advice that I will cover in these postings. The goal here is to help protect all those businesses out there that can’t afford cybersecurity staff.
A CISO can demand $200k-500k a year. Most small-mid sized businesses can’t afford that. I understand but it’s all about demand. My hope is that these posts will help companies put a little security in place until they get talent onboard.
-
Drive-By URLs: What are they?
In the ever-evolving landscape of cybersecurity threats, drive-by URLs have emerged as a significant concern…
-
Beware of Fake CrowdStrike Fixes: A New Malware and Wiper Threat
In the rapidly evolving world of cybersecurity, threat actors are constantly devising new methods to…
-
Ransomware targets Small and Medium-Sized Businesses
The latest Microsoft Digital Defense Report 2023 sheds light on the evolving landscape of ransomware…
- Drive-By URLs: What are they? - July 26, 2024
- Beware of Fake CrowdStrike Fixes: A New Malware and Wiper Threat - July 25, 2024
- Ransomware targets Small and Medium-Sized Businesses - July 25, 2024