As I’ve said before, I haven’t been hands-on-keyboard for some time. (That’s a term I heard used for the people that do the amazing work of defending networks against the bad guys and I really like it.)
I deal at the business level. I protect the ability of the business to create value. Most of the time in cybersecurity, that is about minimizing risk enough that management can sleep at night. We call that reaching the tolerable risk level. It DOES NOT mean eliminating risk! The only way to eliminate risk is to close that line of business down. If anyone claims to eliminate all risk, run away…fast!
One thing to keep in mind is that some of “the bad guys” are usually much better at attacking then any company is in defending. If a good nation state sets their sites on your company, you better have your ducks in a row! Fortunately, the majority of the attackers out there are not nearly that skilled.
To be completely honest, you can protect yourself from most of the threats out there by doing a hand full of things. It is this list and other advice that I will cover in these postings. The goal here is to help protect all those businesses out there that can’t afford cybersecurity staff.
A CISO can demand $200k-500k a year. Most small-mid sized businesses can’t afford that. I understand but it’s all about demand. My hope is that these posts will help companies put a little security in place until they get talent onboard.
-
Microsoft’s Security Reputation: A Balanced Perspective
When it comes to the security of tech giants like Microsoft, Apple, Google, and various…
-
Why you should pay attention to the Huawei issue
Most people didn’t understand the hoopla around Huawei being banned from telecom companies in the…
-
The Imperative for Cyber Talent on Corporate Boards
In an era where digital threats loom large over corporations, the integration of cyber governance…
- Elevating Board Performance: Insights and Opportunities - May 9, 2024
- Microsoft’s Security Reputation: A Balanced Perspective - April 23, 2024
- What Makes a Nonprofit Successful? - April 17, 2024