This article outlines who should take responsibility for cybersecurity in your organisation. If you are the leader or decision-maker, who else, apart from you, is going to lead on this?
If you are not the decision-maker, and there has been no cyber risk assessment, the organisation could be in trouble and may not recover from an attack.
I recommend that you read Whaling for Beginners.
You can obtain a free PDF or e-Book version from the link above.
In this short, gripping, fact-based modern-day fable, a company boss clicked on a link sent by an old (and presumed forgotten) school chum.
He regretted it immediately. The malware in the link went on to hack not only his company network, but their client’s networks too.
The book charts the fallout for the company, and it also forces the boss not only to take responsibility for his own culpability but also to realise that the tech alone does not protect you.
Without security policy, risk assessment and mitigation you are vulnerable.
“We took technology at face value. Technology is nothing without people. People use technology. They can use it and they can abuse it.
They can let it make them lazy, or they can use it to be amazingly creative. The point is, it’s a tool. It’s only as good as the people that use it. I’m the fool that clicked on a link in an email that I shouldn’t have.
I assumed that the antivirus would save me. I assumed that my firewalls, my expensive tech, my IT team made me immune to my own carelessness. They didn’t….”