Each Sunday, our goal is to share a piece of gold with you. Some small piece of information that helps you to have a better week and achieve a better outcome.  

As you may be aware, October is Cybersecurity Month. As a result, I thought it would be appropriate to share a few thoughts. Often, people think of cybersecurity as a “have-to-have” to keep the bad guys out and keep their organization’s name out of the news. While this is true, I would also share that there are major implications for your culture and the confidence of your team.  

If the people on your team who trust you to protect their personal information find out that their social security number or other private information has been compromised because of poor practices on the part of their place of work, it certainly erodes trust.  

Additionally, if an organization is dealing with security challenges, productivity is slowed or completely stopped. This creates problems for the business as well as problems and stress for your people. Everyone will be aware that the work is stacking up or may have to be duplicated to ensure that business continues.  

Good people want to do good work. When that is inhibited because of security challenges, it will certainly have a ripple effect within the business and the confidence of the people making the business operate.  

Below are the top six things you need to ensure are in place to protect your company and your people.  

  1. Security Design – Many networks have been in place for 10+ years where components are upgraded as necessary, but there has not been a full redesign with a security first mindset. Upgraded networks do not necessarily equal secure networks. Make sure your network has all the most recent best practices in place based on current standards.  
  2. Multi-Factor Authentication (a.k.a. MFA) – All organizations should have MFA enabled on their email, any accounts with elevated access, and network infrastructure.  
  3. Phishing Training – People are still the primary area of focus by criminals seeking to gain access to a network. Helping your people to identify a phishing email quickly and properly will substantially reduce the likelihood of a compromise.  
  4. Spam Management – If an effective spam solution is in place, you will minimize the amount of phishing emails that users must identify.  
  5. 24x7x365 Monitoring – The bad guys never attacks when it is convenient for us. It will be at 2:00 AM on a Saturday morning when 98% of people are sound asleep. Having an alerting system that can trigger actions around the clock is vital to success in combating cybercrime.  
  6. Insurance – Having proper cyber liability insurance in place is critical. Make sure to work with an agency who knows about these policies, the exclusions and requirements, etc., and can ensure you don’t end up in a situation where you thought you had coverage but do not. I recently reviewed a cyber liability policy for a client that had an exclusion for ransomware… which is the whole reason the client was putting it in place. Just because it says “cyber” doesn’t mean it covers all threats.  

By protecting your network, you are protecting your business, and protecting your people. Unfortunately, these areas of focus are requirements to do business in today’s world. They are frustrating and expensive, but requirements, nonetheless.  

The goal of Adapt or Die is to build better leaders who run better companies and change the world. Below is a link to our full Cybersecurity Checklist that you can use to ensure you have the right protections in place.

https://www.jmark.com/wp-content/uploads/2021/06/Cybersecurity-Checklist.pdf