I cannot think of a more appropriate field than cybersecurity to apply the above quote too. I have worked with many professionals before and after they were exposed to a major cybersecurity incident. Some were very interested and serious about cybersecurity. Some cared but just avoided the issue (the majority of people). And some could care less. And of course, every variation in between.
But if you want to see someone who is laser-focused on cybersecurity find an executive after they have been hit by a major cybersecurity event. You will see an amazing transformation before your eyes. The change is breathtaking and quick. You know right away that this person is not going to go through that again.
Have you ever talked with a smoker who has quit smoking and now talks about smoking all of the time? You know them. They smoked like a chimney for 20 years, until one day they got the energy and persistence to quit this very difficult habit. Kudos to them for beating it.
But now they are converted. They made it through the woods and came out the other side. And one thing you know is they are never going to go through that again if they can help it. And they want you and everyone else to know this is not something anyone should go through. It is an amazing transformation and it is instructive of human nature. It is not a knock against ex-smokers or ex-cybercrime victims. It is just how people work.
So, what are the lessons we can learn from this? Is it that cybercrime is inevitable? No. Is it that smokers are zealots? No, What we learn is there is a way to avoid being the victim and the zealot all at once. And that is preparation. Preparation of your cybersecurity posture starting today.
Preparation of your employee training program. An initiative to start bringing your cybersecurity policies and procedures in line with an organized and proactive impetus. And this all happens from the top. I can tell you what people do after a cyber attack and it is not always rational. So, get in front of this today so you can put it behind you tomorrow. Another quote “hindsight is always 20-20.” But you can benefit from this 20-20 hindsight before it happens. So, I urge you to get the 20-20 vision of your cybersecurity posture today before the breach. It is not easy, but it is simple.