In the cybersecurity world many times you hear pundits and experts alike tell you scary stories of the cyberspace and how you are going to get hacked. It’s always so scary and unnerving. And because of this, we have everyone scared all of the time. This is the downfall of the data security regime.
Its ok to be prepared and to get a little concern in your blood. It is part of the process. But it is not ok to go overboard with the fear and warning tactics. Because what happens then is the opposite of the intended effect. People still care but now they avoid the risks more than they should. Executives do this just as much as the next person.
What is your response?
Many times, the response is to do nothing. There are three classical responses to a threat. Fight, Flight, or Freeze. The obvious motivator of the people trying to scare you is to use their product or service in order to fight the problem. Or maybe some way to hide or avoid the problem effectively that would be flight. But no one proposes freeze. And that is exactly what many of us do.
We avoid the problem, we try to not deal with it or put it off, so we do not have to face it. We put it off for another day. This is a perfectly normal human response to overwhelming fear and threats. In Stephen Pressfield’s excellent book “The War of Art”. He talks about this extensively. He refers to it as resistance. This is the human tendency to avoid doing the difficult things that we know we need to do and avoid it for another day or another place. Maybe tomorrow, maybe never. But as executives, we cannot simply do this.
Don’t Fall for It
Don’t fall for it. Don’t avoid the inevitable. Not because it seems too overwhelming. Not because it can be put off till another day. Not because you are not a cybersecurity expert and you don’t know what the heck you should do anyway. Face it or it will be your downfall.
Resolve today to move your cybersecurity practice forward even if it is only a little bit every day. When is the last time you had a cybersecurity study done? How about a penetration test? How often do your employees receive training on cybersecurity issues? Who is the cybersecurity authority in your company?
Don’t know? Then please get help. Find the people inside your company or outside that can help you today. There are many resources, but don’t avoid it. Don’t wait until it is too late. Prevention is your greatest protector. Please get started today.