Talk about awkward. Your boss has called you onto the carpet to explain why you didn’t do more
to prevent the hacking that has disrupted your business, costing it beaucoup bucks. Here are
four strategies for handling this uncomfortable situation:
- Spin it as flattering commentary on the quality and attractiveness of your data.
- Make the point that everyone should be proud you made it this long before a security event. (Strengthen your position by demanding a raise.)
- Suggest it had something to do with the coming solar eclipse.
- Apologize, say you should have hired Emerge, and then promptly leave the room to give us a call.
OK, on a more serious note…avoiding such a chat with your boss requires some preventative
measures. However, some common myths sometimes prevent companies from doing what they
can to meaningfully reduce the odds of a hack wreaking havoc.
One of our security experts, Jeff Aiken, called out four of these myths:
Myth One: Cybersecurity is something I don’t need to worry about. Every company with
computers and an internet connection needs to fret over cybersecurity. Jeff points out that
China’s digital bad actors outnumber our good ones 50:1. The cybersecurity threat is genuine
and not going away.
Myth Two: My company’s too small to be a target. Bad actors are attracted to smaller
companies because, they assume, their cyber defenses aren’t as robust as those of larger
companies. In addition, Jeff says, when hackers target larger companies, they often gain
system access via a smaller company that serves as a vendor or partner. Remember that
explaining a breach to a customer is even more challenging than explaining one to your boss.
Myth Three: Cybersecurity is too expensive. Jeff notes that cybersecurity measures are
almost always more affordable than customers expect. For instance, cybersecurity awareness
training is one particularly cost-effective measure. (This is especially true because human error
of one sort or another is almost always the reason for a breach.) Besides, Jeff notes that the
cost of a breach dwarfs the cost of decent security measures. IBM puts the average cost of one
at $4.4 million. Yikes!
Myth Four: Cybersecurity is always complex and challenging. Cybersecurity need not be
particularly complicated. For example, Jeff explains that some people associate cybersecurity
with long, convoluted passwords that must be changed frequently. With sufficient multi-factor
authentication (MFA), 14-character passwords can be adequate and used for months, if not
longer. (Jeff also notes that Microsoft 365 comes with free MFA, though about 80% don’t use it,
putting their company at risk.)
If you’d like to discuss whether your cybersecurity is as robust as it should be, call us at 859-746-1030. Then, you won’t need to have that uncomfortable chat with a boss or customer.
