Cyber criminals are constantly getting more sophisticated and adept.
This week, Microsoft blamed a Chinese state-backed group for attacks on Microsoft Mail platforms that allowed the attacker to access email inboxes, a crucial step in any well-run hack. And a short while ago, Solarwinds had to admit their software had been hacked prior to being distributed.
So, how do you make yourself safe? We use home security as an analogy: your house is safe once you’ve closed and locked the doors and windows. But you have to do it yourself; no-one will do it for you. The same can be said of online security: your company’s security is your responsibility.
Cyber criminals are scanning and testing your company all the time. But they no longer use the doors or windows. They have ways to look like your staff or suppliers; they’re already inside your office before you’ve shut and locked the doors!
And like a terrorist, the cyber-criminal only has to get lucky once. You have to be lucky all the time, and without your constant vigilance, the cyber-criminal will find a weakness.
As the owner of the business, you can’t be responsible for all the technical details. But you can, and must, be able to ask the right questions of the people responsible for security—and stay on top of them. We recommend you ask your IT team or suppliers four simple questions:
Who on the exec team is accountable for our security and risk strategy? When was the last time we reviewed and tested our security?
Are our security systems up to date and comprehensive? How do we know they’re up to date? Do we have assessments or accreditations?
Does staff—and that includes the CEO—get regularly trained in cyber security and social engineering? Have we ever tested that knowledge?
If we do end up in trouble, who’s in charge, and what’s the plan?
Most successful attacks use tried, tested and simple methods. The reason they’re successful is because companies have forgotten to get the basics right.
You don’t need to be the technical expert. But you do need to take the lead. No-one but you will make your house or your business safe. Our briefing will provide you with free, straightforward advice.
If you have any other questions about cyber security or IT, feel free to get in touch. We’re always happy to talk.
Freeman Clarke is the largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organizations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.
Risk Management and Security
Pretty much every CEO is concerned about increasing cyber threats, security risks, regulatory issues and compliance problems – and rightfully so. We meet clients whose businesses have been brought to a standstill by online attacks and most CEOs recognize the need to beef up policies and business continuity plans.
Whatever the issue, it can be hard to move forward because the IT guys don’t always speak the same language as a CEO and there’s no end to the money that you could spend on hardware, software and advice and these issues are extremely complex and technical.
Freeman Clarke is unique because one of our people – we call Principals – can join your senior team and get involved in every aspect of your IT. From servers and infrastructure to bespoke software, we will help assess the risks, explain the issues and options in plain business language and agree on a commercially sensible plan. We will understand your business, the demands of your sector, your back-office systems, your processes and data, your client and supplier contracts and your culture.
We understand that different clients have different needs… Many of our clients are traditional companies who simply need to get the basics right. Some of our clients are high-profile organizations or provide critical 24/7 services that they need to be confident they can keep operating to fulfil their contracts and commitments. What they all have in common though, is a need for a commercially viable, technically sensible solution.
If you’re interested in learning more about how we can help you with risk management and cyber security issues, then visit our website – there’s a lot of good information out there. And if you’d like, reach out to us directly – we’d be more than happy to have a conversation with you and talk about how we can help you mitigate those risks.
CEO’s Briefing on IT Risks, Compliance and Security
No doubt you worry about growing your business and being successful, but as the business grows and becomes successful, protecting it against risks becomes a new source of worry!
New concerns range from compliance with Data Protection regulations, ensuring the business will survive a climatic event, or fall victim of a cyber-attack that destroys all your data.
CEO's Briefing on IT Risks, Compliance and Security
This briefing explains practical cyber security protection measures to prevent attacks, viruses, hacking, data theft, data leaks, cyber insurance, cyber crime, ransomware, phishing.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.