– By: Dr. Gene Lloyd –
Employees in technology divisions of companies generally understand that the company’s senior leaders don’t have the level of knowledge needed to make serious decisions regarding cyber security issues. These leaders shouldn’t be expected to have intimate detailed knowledge of how to implement solutions, but every C-level leader should, at the very least, understand these few important topics before they make decisions that affect the security of the network:
1. Your CISO, CIO, ISSO, or any other mid/senior level position may not have the best solution to the problem. People in these positions often have a great degree of experience and knowledge, but also tend to rely on standard methods instead of looking outside the box for more creative solutions. Always include the opinions and suggestions of the technicians doing the work and balance those with what you are hearing from these positions. This method will usually give you a broader degree of information and allow you to make a more informed decision.
2. Open source software is not inherently bad. Just because it is free (or cheap) doesn’t mean that it is not effective. Many organizations scoff at open source software and then spend tens of thousands of dollars on commercial products that are not always better. In the security world specifically, many of the best applications are open source. Your team will be much happier if they have more flexibility in this area and you can shave some money off of your budget at the same time.
3. Don’t be afraid of limiting your employees personal use of company internet resources. It’s not surprise that employee’s often use the company’s internet connection for personal use throughout the day, but what they are allowed to do should be governed through technical measures in addition to policies. Limiting employee web activity to a handful of websites will greatly reduce a major avenue of how malware ends up on your internal systems.
Gaining the correct perspective in the cyber security arena is paramount to staying safe. Shifting your current perspective, even just a little, will help to brush away some of the older stale ideas that may still exist in your company. We would love to help you implement these ideas in your organization. Sign up below for access to our free video about saving time, money, and resources in cyber security and to schedule a free cyber security consultation with a proven expert in the field.
Sign up for a FREE consultation
Get a free 1-hour telephone consultation with a cyber security expert with no required commitments -- a $500 value!