Cybersecurity: You vs Every Mistake Made by Every Employee, Partner, & Vendor
Every day many businesses are forced online to CATCH UP, KEEP UP, and GET AHEAD. Imagine these people as your clients, vendors, and colleagues. How much do you think they know about online security? Are you willing to bet your company on it? What about your reputation? Your client data?
In 2023 online security will become vastly more critical, as increasing numbers of people and businesses are forced online to CATCH UP, KEEP UP, or GET AHEAD. After the mass influx of the past 3 years, just imagine the number of people this implies!
Many of these people are - or will become - your clients, vendors, and colleagues.
How much do you think they know about online security?
Are you willing to bet your company on it? What about ...
- Your reputation?
- Your clients?
- Your bank account?
New clients, employees, execs, and vendors are prime targets for cybercriminals:
By 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements. ~ Gartner
Increased online activity in our business or personal lives exposes everything on our computer and digital phone to every security mistake we make.
It also exposes everything on the devices and phones of those we are connected to.
Cyber-insurance, data privacy lawyers, security companies, RaaS (Ransomware-as-a-Service) and more are all ramping up - and they all want your money. Given a choice, let's put our money to good use and opt to pay our CISOs, techies, insurance companies and lawyers. It will cost less, and we will have the satisfaction of being able to #keepcybercriminalsunemployed. At least some of the cybercriminals.
Investment evaluations often include cybersecurity risk
If you are, or will be, looking for investment this year, keep cybersecurity in mind:
Investors, especially venture capitalists, are using cybersecurity risk as a key factor in assessing opportunities ~ Gartner
Bring in the techies
We can help. We have many titles and job descriptions: CISO, CTO, IT, Tech Support, DevSec... We are the army of cybersecurity people who strive to protect you, your data, and your business.
✳️ Some companies hire us and - randomly listen to us - or not - because - you know - it always happens to someone else, right? 🤷 And the kid down the hall can help with whatever we need - he certainly costs less! 💵
✳️ Some companies are amazingly receptive. 📣 Shoutout to the wonderful people and companies out there who do understand the value that tech people bring to their organization. We love you - please disregard the above paragraph! 🙋💻❤️
Whatever job we are doing for you, our aim is simple: to protect you from cybercriminals. And to protect you from employees who: get fooled by phishing emails, download unauthorized apps, or forget to lock the company laptop before the kids hit Facebook, Instagram, TikTok, et al. - potentially opening doors for criminals to walk through.
Let's bankrupt some criminals - or at least make them unemployed
And together we can. Cybercriminals have employees too - and office space, and clients. Yep - not even kidding. The article below outlines Lockbit's programs to "recruit company insiders" and "sponsor underground technical writing contests" to recruit new talent. Check out their affiliate program here:
In addition to affiliate programs, they also have a code of conduct. Yes - you heard that right: a CODE OF CONDUCT. Apparently targeting hospitals and sick children will get you banned from the Lockbit affiliate program, and attacking Colonial Pipeline will bring the wrath of the US government down on you, making it bad for business:
So let's take away what the criminals need in order to stay in business: Clients and money. The same things you and I need. They need clients to buy their products, and the clients need to make money from victims of their criminal implementation of this product.
How do we do this, you ask?
Now that is the RIGHT question!
Leadership and cooperation across all departments is a big first step. So grab coffee with your CISO or CTO (hire one if you don't have one!). Or... make a fresh pot of coffee, order some donuts, and invite your CISO/CTO, your CFO, a couple of Managers, and ?? You get the idea. Let's all work together to do what's best for our organizations.
And here's the catch - you must participate. YES - you must participate. Leadership is as Leadership does, so get your Leadership motivated. Execs, Board members, Directors, Managers... whoever is on your list. What you do, everyone else will do!
Final TakeAway
We can protect our data, and our employees, vendors, clients, families, schools, hospitals, government offices, and anyone else we need to protect. We can safeguard personal data and our businesses and families. Not 100%, of course. A Best Practices cybersecurity plan also puts effective systems in place in case bad things happen.
Creating and implementing a plan takes time, so let's do what we can, which is simply to get started.
AND - BONUS - being cybersecurity-aware means you can RAISE THE BAR against your organization's competition. Proudly add "Cyber Security Certified" medallions to your website. Encourage your employees, colleagues, family members, family friends - in fact encourage everyone to sign up for online security education. And please set up a "guest network"on your router at work and at home.
Send information to your community center, library, school, city hall... the list is endless - and the cyber criminals have EVERY number on that list. It's easy to make their job harder - and not expensive.
This article says many things, and leaves out many things (it’s an article, not a book — I did try to remember that 😉). Maybe you see a follow-up article that YOU could write?
Let’s keep the conversation going!
📣 Share this with your network or a friend!
✅ Leave a comment - Send a DM!
Let’s Keep Cyber Criminals Unemployed!
⭐️ Stay safe! ⭐️
