No excuse for not having a cybersecurity plan
If you don’t have a dedicated line item in your budget for cybersecurity, you’re not alone.
If you do, you’re in rare company, but don’t start patting yourself on the back just yet! Cybersecurity requires foresight and a long-term commitment from your leadership team, and there’s no excuse for not having an ongoing game plan, no matter the size of your business.
Unfortunately, more often than not we hear a lot of excuses about why people haven’t dedicated time or resources to their organization’s cybersecurity.
Some of the most common?
“I can’t afford it right now”
If you can’t afford it, you certainly can’t afford the cost of a breach, either, after which you will likely happily pay for additional security. How expensive is an average breach, you ask? On the low end, mid-five-figures into six figures. That’s $50,000 to $100,000+, not to mention the potential damage to your customers, vendors, and employees and reputation. Some companies never fully recover.
“It’s too complicated”
We get it. It’s not easy. The good news is you don’t have to solve this problem by yourself. A lot of good guys are working on it, and it’s our job to implement and manage these solutions for you, and monitor what’s going on in the industry to stay current. If you let us do the job for you, most bad guys will look for an easier target—and there are plenty of them out there (including you if you don’t currently have a cybersecurity plan in place).
“It’s not a priority right now”
Again, we get it—lots to do and little time to get it all done. But if you get hacked, it will become priority number 1, 1a, 1b… until you aren’t ‘hacked’ anymore. Even if fixed well, you’ll have to find the time to identify, mitigate, respond, and recover. It’s not just an inconvenience, this hack could eat up a lot of your time. Isn’t it funny how it’s a priority to fix, but not a priority to prevent? That probably means you need to shift your priorities.
“I have insurance”
Probably? Maybe? But keep in mind: Warren Buffet isn’t willing to let his insurance companies underwrite cyber insurance in a significant way. According to Buffet, “We don’t want to be a pioneer on this … I think anybody that tells you now they think they know in some actuarial way either what [the] general experience is like in the future, or what the worst case can be, is kidding themselves.” Essentially, you may not be as covered as you think you are.
These are just a few of the most common excuses I’ve heard, and that’s exactly what they are: excuses. That might be okay for the time being, but someday those excuses could turn into a very costly problem. The threats are real, persistent and pervasive, and as leaders, it’s our job to address them.
Talk to the folks responsible for managing your technology, and join the ranks of leaders making prevention of cybersecurity breaches a top priority, rather than an expensive afterthought.