By Mark Shaw
Businesses are starting to wake up to the growing need for cybersecurity. Your worlds have changed, and everyone rushed on day one in April to take their computers home, get VPNs set up and now you are in a mixed state.
Some staff are home, others are in the office full time, others swing in and out of the office on a flexible schedule. This has produced some wonderful changes in the way we work; it has also provided cyber criminals a series of new methods to attack.
What we are seeing is a growing need to treat cybersecurity differently. This is not an IT problem. Your internal or external technology resources should not be the same. You need to consider a clear separation of church and state in your organization.
Why? I`m sure you are asking why would you need a second company involved in your day to day technology? I have an IT team, why do I need someone else? I have an outsourced IT firm, why wouldn’t they be good enough? Let`s spend a few moments and discuss the rationale for having a separate and completely distinct cybersecurity firm.
Would you go to your dentist and ask them to check out a pain in your foot? Would you hand over all cash flow to one person with no oversight? Probably not, right? As a business owner you need to be sure that you have the right people in the right places with checks and balances.
Often, we hear that the businesses think that their current IT leadership, be it internal or external, can handle it because they know us best and would therefore be the best people to do the job. That sounds great until you have a breach or an exposure, and you start to question everything. I like to describe it like this.
We all remember the days of doing papers for school. We would write them, read them, re-read them and try the bottom up method where we read from the bottom to the top. At that point we are positive there are no grammar mistakes, not a single flaw in punctuation, A-plus here we come. Then the paper comes back B-plus. Woah.What happened?
It`s simple. You did all the work, you had the best intentions, but you lacked a second set of eyes. Small things were missed that would be picked up quickly had you had someone else review it. You were so close to the work being done; you missed some basic things. This is exactly why your current technology resources should not be doing your cybersecurity. Sure, they are great people who do great things, but they are checking their own work.
Cybersecurity in today’s world demands that you have a second set of eyes. In this case it wouldn’t be a missing comma, it could be your company’s data and life blood of the organization. It could be a small oops that now has you dealing with a PR nightmare and possibly closing your business. In that moment, the idea of one set of eyes managing your organization’s technology and cyber security doesn’t seem so cost effective, or simple.
The threats are complex, you have great people doing your technology, don’t put them or your company in a bad spot. Get a cyber security company to partner with your technology team. Do it for them, do it for your peace of mind. There is a lot going on right now, we could all use one less thing to worry about.