I was working with some senior people in a large fast growing company not long ago and they asked me; “Jerry how do you keep up with all of the cybersecurity events that are happening all around us, how is it possible,” and I said “I don’t, no one can it is not possible.” Then it begs the question what is the answer if you don’t have all of the answers who does? No one has the all of the answers, so you better have a really good strategy. Because you are not going to be able to keep up with the flurry of attacks, attack vectors, and your own changing attack surface.
Your strategy needs to include your cybersecurity posture, process, procedure, and it needs to be organized. If you are not organized you will never get to a secure posture. Being organized gets you the secure future you are looking for.
A New Model
I talk about this model extensively in my new book “One False Click: How to protect your company in the coming cyber war.” But here is a brief expose of this idea.
As you can see I have broken up this chart into four quadrants. Each one representing a different category of cybersecurity intervention. It goes from past to future, and cause to effect. You can see the different types of interventions affect the ROI to the company implementing them. With the preventative quadrant being the most advantageous. If you have been reading my articles for while you will notice quite a bit of discussion on preventive. And here. This is one of the major reasons why. Your goal is to get as many of these interventions into the lower left quadrant as possible, thereby increasing the effectiveness and ROI of your interventions. I will be talking about this chart in more detail in a future article. But the point is organization for now.
If you are not looking at your cybersecurity strategy in a manner similar to this then you are not organized. And if you are not organized you will have gaps. The less organized you are the more gaps you will have. And the cybercriminals live in the gaps. The gaps are where they make almost a Trillion dollars a year off in cybercrime. Get organized today if you don’t you will not keep up, and the gaps will multiply.
And eventually, the hackers will find one. And all they need is a one good one and they have you. Use this chart and others like it, get the help you need to make a concerted effort to organize your system in an effective manner, it will serve you well.