We take it for granted that we lock our doors at night before going to bed. How we always lock our car when we park it somewhere. We would never leave the garage open at night. We make darn sure that our kids get to the bus stop safely most parents walk their child all the way to the bus stop. Why is this? Because these are accepted best practice and methods of security. We know what can and will happen if we do not do these things. Bad things will happen. We will have our valuables stolen, we will get our homes broken into we may even see bad things happen to our family. This is unacceptable and we know it. And because of this, we make it a priority. And we know how to prevent it. So why do we not do the things necessary to protect our company’s most valuable assets, its data, its cybersecurity?
Not So Visible
But with Cybersecurity things are not so cut and dried. We don’t always see the attack coming unless we ourselves are a cybersecurity expert which the readers of this blog most likely are not. The readers are business executives or maybe IT executives. And we do not see the attack until after it happens. Another reason is Cybersecurity is not only stealthy but it is changing all of the time. An attack that was serious business two years ago now is so trivial, it is almost forgotten. So to have an accepted set of best practices is not so easy. It is a moving target. The lock you put on your door today will work tomorrow and 10 years from now. Unfortunately, data security is much more fluid. Most organizations do not have the resources or the time to adjust to the change. This deficit needs to be addressed. We cannot keep letting the tail wag the dog. If we want to get our Cybersecurity under control we need to get ahead of the game. We need to be thinking ahead, and not being so reactive.
Stop Waiting For An Attack
Stop waiting for the next attack. We need to be preventing the attacks before they form. Stopping attacks going on in our networks. Detecting defective security systems within our midst. And cleaning up our systems before they become major breaches. This can only be done with a comprehensive and proactive security policy and auditing process. A process that is ongoing and aggressive. That changes with the change in technology. We need to be asking what new technology or system do we have in place. Is it secure going in day one. Or are we just waiting for the next attack then we will deal with it. I can promise you the bad guys are doing this. They are thinking ahead and coming up with new and creative ways to get into our data. Are we able to proactively be putting in the policies that will protect our data? Do you have a plan? This takes leadership and that can only come from the top.