Big Business Cybersecurity for Small Businesses … without the Big Cost


This week, I received a communication from Gartner, the global research and advisory firm that provides information, advice, and tools for leaders in IT, finance, HR, customer service and support, communications, legal and compliance, marketing, sales, and supply chain functions.

The article Gartner sent to me contained two-year-old advice on how leaders of big businesses should be prepared to answer five board of directors’ questions concerning assurance, compliance, and support for security practices. Gartner’s 2019 advice has withstood the test of time. Regardless, the consensus thinking that “cybersecurity incidents are inevitable” has been proven to be true and cybersecurity is taking on an increasingly important role at big businesses. Cybersecurity is a significant issue for directors of big-business boards, for leaders of big businesses, and for millions of employees at big businesses.

How you can improve cybersecurity at your business –

Gartner categorized the questions into five buckets:

  • consider your goals and the value you expect to receive when you achieve your goals,
  • consider your risks and the cost of reducing/mitigating those risks, and
  • weigh the pros & cons tied to your reward/risk options and decisions.

 

You can complete a cybersecurity program in a few hours.

Many leaders of smaller businesses have spent a few hours checking their business rewards and cybersecurity risks and found themselves motivated to take their businesses to the next level.

  1. Are our security risks and rewards in balance?,
  2. What security do we have in place relative to others?,
  3. Do we understand and compare our various security risks?,
  4. Are we allocating our resources properly?, and
  5. How did that security problem surprise us?

 

Those 5 questions are not intended to completely cover the things you need to consider when you want to take action to reduce your cybersecurity risks. They are 5 examples of areas that need to be considered if leaders of all businesses [small or medium or large] want to reduce risks, spend budgeted-money wisely, and increase peace of mind.

An example of the next level of detail –

Ask yourself the question,

Are our security risks and rewards in balance?

Business is about taking risks to obtain rewards. The more the risk, the higher the opportunity for reward and, all else being equal, the greater the potential damage if “incidents” happen.

We define “incidents” as small or large cybersecurity failures. Small failures bring small problems. Large failures can bring large problems, which we define as “breaches”. Whether small or large, “incidents” provide the opportunity to learn lessons…lessons that can be small or painfully large.

Incidents are inevitable. Yet, you can avoid most of them and take action to limit your risk.

To determine if your business risks and rewards are in balance, you can:

  • consider your goals and the value you expect to receive when you achieve your goals,
  • consider your risks and the cost of reducing/mitigating those risks, and
  • weigh the pros & cons tied to your reward/risk options and decisions.

 

You can complete a cybersecurity program in a few hours.

Many leaders of smaller businesses have spent a few hours checking their business rewards and cybersecurity risks and found themselves motivated to take their businesses to the next level.

  1. the trade-off question,
  2. the landscape question,
  3. the risk question,
  4. the performance question, and
  5. the incident question.

 

Using the thinking that led Gartner to establish those 5 areas of cybersecurity concern, we have created questions that will help you address your cybersecurity situation and create affordable cybersecurity initiatives.

An introduction to cybersecurity questions:

  1. Are our security risks and rewards in balance?,
  2. What security do we have in place relative to others?,
  3. Do we understand and compare our various security risks?,
  4. Are we allocating our resources properly?, and
  5. How did that security problem surprise us?

 

Those 5 questions are not intended to completely cover the things you need to consider when you want to take action to reduce your cybersecurity risks. They are 5 examples of areas that need to be considered if leaders of all businesses [small or medium or large] want to reduce risks, spend budgeted-money wisely, and increase peace of mind.

An example of the next level of detail –

Ask yourself the question,

Are our security risks and rewards in balance?

Business is about taking risks to obtain rewards. The more the risk, the higher the opportunity for reward and, all else being equal, the greater the potential damage if “incidents” happen.

We define “incidents” as small or large cybersecurity failures. Small failures bring small problems. Large failures can bring large problems, which we define as “breaches”. Whether small or large, “incidents” provide the opportunity to learn lessons…lessons that can be small or painfully large.

Incidents are inevitable. Yet, you can avoid most of them and take action to limit your risk.

To determine if your business risks and rewards are in balance, you can:

 

You can complete a cybersecurity program in a few hours.

Many leaders of smaller businesses have spent a few hours checking their business rewards and cybersecurity risks and found themselves motivated to take their businesses to the next level.

Together our conversations can expand solutions and value

We look forward to helping you bring your ideas and solutions to life.
Share the Post: