It doesn't matter how big or small your business is, or whether its annual revenue places it on the Fortune 500 list. If you run an enterprise, you are a potential target of cybercrime. It's as simple as that.
The problem is that some enterprises don't seem to realize this. Instead of preparing to guard against the multitude of threats out there, they prefer to operate in a mode of futile rationalizing. We're not a big enough business anyway. We don't represent the kind of target that would be lucrative for hackers. These are the types of excuses that organizations fall back on to justify inaction. But this approach is a recipe for disaster. Instead, companies need to stop making excuses and start focusing on coming up with the best cybersecurity plan for them.
Don't Slack Off When It Comes To Making The Plan
So you're in the boardroom now. The business administrators have all agreed that a robust cybersecurity plan is in the best interest of your organization. The question now becomes: Where to start? Here are some tips:
- Ensure cohesion within company. There's no such thing as a one-size-fits-all cybersecurity plan, as Dark Reading contributor Jason Sachowski points out. The type of plan that your business rolls out is going to depend on various factors that are unique to your enterprise, such as its industry, size and the kind of technology it leverages. Therefore, it's not always productive to look to other companies for a model of what your business's cybersecurity plan should look like. Instead, it's much more important to ensure that everyone within your organization is on the same page. Whatever cybersecurity steps you take, make sure they're steps that everyone in your office - not just the folks in IT - understand.
- Bring on cybersecurity talent: A well-conceived cybersecurity plan is invariably going to be one that has some real industry expertise behind it. To that end, it's vital that businesses reach into the expanding pool of cybersecurity talent to find workers who can help refine a security strategy. Fortunately for organizations, experts like these are cropping up left and right. At The University of Maryland Francis King Carey School of Law, for instance, the school recently announced that its masters program in law will now offer a specialization in cybersecurity.
"We've seen in our work with private companies that employees who have technical knowledge about cybersecurity would be helped tremendously if they also were able to have expertise on the law and policy of cyber," explained Michael Greenberger, director of the university's Center for Health and Homeland Security, about the new program.
By bringing on new talent and making sure that everyone at the company is on the same page, a business can take a major proactive leap toward rolling out the kind of cybersecurity program that will stave off attackers. In this day and age, such a resource is a necessity, not an option.