I have been asked if the cyber security industry needs more advanced solutions to combat to challenges faced today, and I don’t think we do. Most of the successes from cyber criminals are achieved using methods that have been around for years. From not patching a system, using default or easy to guess credentials, or falling for social engineering and giving up your credentials. There is an amazing suite of tools and services that are well positioned to accept the challenge and give you peace of mind, while knowing that there is never going to be a 100% solution.
The biggest challenge I see is with cyber security inexperience, or a small IT shop that promotes its cyber security model, but in reality all of their time is spent putting out fires on reactive responses. There is no single test, or single association that can proclaim they know it better than the next, and it places business owners in a tough spot on finding the right solution and partner to protect their data.
The best thing for you to do as a business owner is to do annual checks and balances on your partners or even the internal staff, and you achieve this with a third-party security audit. In today’s world of cyber security, it’s not a threat of you’re not doing your job. It’s a let’s have someone that knows nothing about what you’re doing try to get in and see what they find. That fresh set of eyes will likely uncover something every time.
Not only by adding this to your plan in 2021 will you better protect yourself, but you align yourself more with industry standards, compliance requirements, and will likely be able to provide that report for a savings on cyber security insurance which after 2020 is sure to rise.
