Cybersecurity is a complex world. There are a lot of moving parts. In fact, there are so many moving parts that there really is no one out there that knows the whole picture. This is basically what my purpose is all about. It is to teach executives what they need to know for them to provide the informed leadership necessary to protect their own company. And by extension their reputation and career.
This is not an easy task. I was with some very sharp colleagues this week and we were doing an expert panel discussion on cybersecurity. And the question came up among us cybersecurity experts before the show. I don’t really know if I want to tell people to update their operating system or change their password. It just sounds silly to tell someone this. They were looking for more advanced and impressive things to say. I disagreed.
What Come First
I said to them. You need to tell people these things because they are still happening. People are not doing the basics of cybersecurity. They are not doing the basic blocking and tackling of their own cybersecurity. And without this, no other cybersecurity intervention can work. The advanced items will be worthless unless the basic blocking and tackling are done first.
Think about a successful football team. The most fundamental piece is the offensive line. These guys must protect the quarterback, so he can run plays and develop their offensive strategy that can be executed on. They have to create enough disruption on the defense, so the offensive players can get downfield. All of this is to score points. No points no win. Basic blocking and tackling.
Are You Doing the Basics?
So, we talked a lot about passwords and updating your browser. Stop answering email from people you don’t know and clicking on suspicious sites or opening attachments from people you don’t know. And it was helpful to our audience. They sincerely appreciated it. Because as I have talked about many times. It is about mindset, and that requires, awareness first and then education. It requires an ongoing pursuit of those basics every day to make your company secure.
So, the next time you think it is not important to do these simple things like don’t give strangers sensitive corporate information, or don’t leave your laptop logged in and walk away. Think of how many people are getting hacked every day. What you will notice is that the basics count and they are still a huge source of attacks when they are not followed.