“Cyber Security is under control, I think…” – CEO
How many times do you hear a CEO say “The finances are under control I think. The finance department said they were okay.” My bet is never.
No CEO is going to just accept that the businesses finances are “okay” on the say so of someone else. They’d rightly demand evidence. They’d need to see P&L’s, Balance Sheets, and management reports. They’d want to see
comparisons to equivalent periods. They’d want to know trends.
They would also want to know what plans were in place to ensure positive trends and growth strategies. Any CEO worth their salt would also be continually reviewing the strategy to advance the business. In short, they’d have a strategy.
A significant Cybersecurity breach can send a business to the wall a lot quicker than the business finances can. The statistics for businesses in the $1m to $200m turnover range (SMBs) are that 60% will be closed within 6 months of a significant Cybersecurity breach.
That’s a staggering statistic when you consider that SMBs are nearly 100% likely to suffer a significant Cybersecurity breach within the next 3 years according to Forbes. We see breaches happen everyday, and I’m sure you’ve read about the most publicised ones regularly yourself.
Yet I regularly meet with CEOs that tell me that they think their “IT guys” have their Cyber Security “In Hand”, whatever that means.
However Cyber Security is NOT an IT problem. It is not for the IT department to handle. It is the CEOs responsibility to have a clearly defined strategy in place to manage Cybersecurity.
Sure the IT department have a role, the same as the HR department also have a significant role (probably the most significant), as do the Legal Team, the Marketing/Sales/PR departments, the Finance Department, and the Board as a whole.
It is a company wide issue for Every business. It can only be
effectively dealt with from the senior management of your business.
And, unless you as a CEO take charge, you are aboard the Titanic, and the waters around are icy.
The good news is, it is easy for any decent CEO to mange an effective
Cybersecurity strategy. If you are smart enough to run an SMB, you are definitely capable of implementing an effective Cybersecurity strategy to help safeguard your business. And the good news is, it doesn’t have to cost much money. You probably already have most of the resources you need.
Step one is to take control and recognise that it’s your responsibility.
At BIS we specialise in working with CEOs and SMB leaders to gain control of their Cybersecurity, and build resilience in their business.
Cyber Criminals are not going away anytime soon.
Ross Marston
Founder and Chief CyberSecurity Strategist Business Intelligence
Security.