Beware the shiny object
If you are in business, you are concerned about cyber security. The best solutions deploy technology and engage employees.
It is that time of year again when the little part of me says it is time to declutter and simplify my life, clear the calendar, update the budget and get rid of all the junk in the house. Funny how that happens every Q1!
As I reflected about this, I was reminded of a picture on LinkedIn from last year called the "CYBERScape". View the pdf here. There are an impressive number of security products out there, most of them with the claim of being the best.
Is it time that we do some decluttering of the security products we use in our technology environments?
Just like in life, I think our cyber security programs could use a good dose of simplification. It seems to me that we keep making the same mistake over and over. Cyber security is not about the next shiny object, it is about people, risk and critical thinking.
I'm not here to judge. In my nearly 20 years of managing security programs, I have certainly been guilty of seeking "shiny new objects". It is easy to get excited about new technology filled with the promise of faster, bigger and better. However, vendors do have some great solutions that make our job easier on many fronts.
The point I am making is that there are actions we should take to elevate our cyber security besides getting new toys. Topping my list of recommendations is completing a thoughtful, comprehensive risk assessment to understand what is important to the organization and what threats could create loss exposure. Don't just check the box on this one. It could save thousands of dollars down the road for your company.
Since I've been at Augeo, I have learned something valuable from my colleagues who work on our engagement programs. Engagement is what our company does – engages customers, members and employees to help organizations grow. Our team is building a security engagement program that motivates every employee to understand their part and how they make an impact in our cyber protection. We help employees at every level to identify specific actions they can take to maintain our cyber security!
Having worked in cyber security for many years, I will take a company of fully-engaged "cyber helpers" over a new shiny tool any day – unless of course, someone creates a product that enables me to go back in time to prevent a security incident before it happened. Admittedly, that would work as well.