How do “you” protect your cyber capital?
Cyber crime is on the headlines once again.
Cyber-crime is in the news once again, this time leading on the near £775 / €880 personal cost to individuals who were scammed at Christmas time. This is the average for each incident of online shopping fraud. When you think that the average cost of Christmas is €1305 then it goes to show the impact of cyber-crime can be huge.
And this direct cost of crime pails into insignificance when we think of the knock-on costs that can come from cyber hacks, ransomware, and breaches of data privacy. Lest we forget just back in October the ICO fined British Airways £20m / €23,4m for a breach affecting 400.000 consumers — making that £50 / €58,50 per breach. The simple fact was they hadn’t got the right security in place, and so landed the fine.
We can’t sit on our hands
It is depressing to acknowledge, but there is an active, motivated and unrelenting band of cyber-criminals out there who want to win. They are looking for our weakness and praying on our generosity. As consumers, and businesses, the harsh reality is that we can not afford to sit on our hands.
Here come the sighs
As business professionals we have all been here — in the project planning meeting when GDPR, data protection, platform security and a list of other ‘information burdens’ are placed into the project scope. The collective groan audible even over muted zoom users.
But this attitude has always fascinated me. I liken it to Romain Grosjean needing a near-death experience to realise that the halo is indeed a good idea in Formula 1.
Why do so many need to experience the pain, or live the failure, to appreciate the value of protection? 2. Why do so many consumers need to lose, or companies need to be hacked, before they take cyber resilience seriously enough?
Cyber-security is like water down a window
The truth is, we are creatures of habit, our default mode is so often ‘path of least resistance’, acting like a droplet of water rolling down a window finding the easiest path. And the biggest influencer is that we succumb to immediacy over importance. The needs of now outweighs the merit of the need.
And when it comes to cyber-resilience, there are few greater organisational needs. The stick is clear — hacked and you lose money, fail to prepare and prepare to fail. And yet too few CIOs and Data Officers are fully succeeding in actioning and commutating the importance of cyber-resilience; many not even explaining the positive upsides at all.
Our top tips to selling cyber-resilience internally
1 Align the narrative to the business strategy
Companies act faster when they want to achieve something — rather than be protected from something. Cyber-resilience can be aligned to elements of your business and technology strategy that, in themselves, may not be directly driven by security concerns. In this way, you can ride the coat-tails of the business momentum behind these initiatives.
2 Avoid pin-point solutions
Stand-alone cyber-resilience solutions lead to a fragmented technology landscape, which if operational strategies or personnel changes, can lead to redundancy and neglect. Conversely, if momentum builds to broader information management and governance topics, pin-point tools can quickly be outgrown. Choose technology providers like Micro Focus who have end-to-end solutions that can be tailored to your starting point.
3 Demonstrate the positive value of nothing
“We don’t know what we’ve got ‘till it’s gone” — everyone knows the expression, but you need to find a way of commercialising and communicating the value of a resilient ecosystem. There is direct value out there, and also leveraged value — find it, and tell people about it.
From resilience building to organisational storytelling…
If you are interested in this topic and discuss further, please leave a note in the comments below.
