Knowing you are vulnerable is the first step towards building a strong business security culture. Don't fall into the 50% of companies that fail after a cyber attack.
The recent images of methane swirling on the surface of the North Sea were striking. Not only because of the violent nature of the attack but also due to what it represents in terms of security. The sabotage of the Nord Stream pipelines served as another stark and unwanted reminder of the vulnerabilities we face when it comes to protecting our critical assets.
In the wake of this attack, several countries announced increased security efforts around their energy infrastructure. Norway called for “increased vigilance” and the British Royal Navy said they were keeping a “close eye” on the critical vulnerabilities. We are also witnessing organizations across Europe broaden their scope for what’s considered national infrastructure, a move that calls for additional security measures across more assets and services.
The Nord Stream attack was a threat that had been forewarned, and its damage highly visible. But not all attacks are equally transparent. And we must be prepared for both kinds. Unfortunately, the likelihood of some kind of cyber incident is higher than ever, and a lack of preparation all but ensures a business’ ultimate failure, according to a 2020 report from Deloitte that shows 50% of unprepared businesses fail after an attack. So, the question is, what can we do about it?
My answer to this can be summarized in two words: build resilience.
It’s an answer that’s not meant to be flippant, but rather a statement that gets straight to the point of what organizations must do in preparing a form of "cyber attack survival kit". Building resilience is not an overnight task nor is it something that can be outsourced. Rather, it is about how you approach security at your core, from the employee culture you create, to how you pick your partners and vendors, to how you design your solutions, to what you think about before every project, every step of the way.
It may be easy for me to say this, as a technology leader for a video technology company that eats, sleeps, and breathes security. But we didn’t get to this point without dedication, effort, and investment – and employees who are willing to put security first in everything and help our customers do the same.
How has your organization planned to enable business continuity?
Resilience comes when you create a plan. It’s about asking:
- Where are your vulnerabilities?
- How do you respond to a cyber attack on your organziation?
- What solutions do you have in place to serve as back-up?
Having a business continuity plan in place against cyber attacks can ensure that when an attack happens, whether to infrastructure or to your network, you won’t fall into the 50% that failed as a result.
Resilience also comes when you make security a part of working in your organization. Some call it a security mindset, while others may call it security culture. It’s essentially all about raising security as a top priority, discussing it regularly, being open about the threats and vulnerabilities, educating yourself constantly and ensuring that everyone you work with takes it just as seriously as you do.
People across your organization are exchanging information daily. They are collaborating with external partners. They are hiring service providers to support them. And they are storing information in various places. These are your vulnerabilities – and being aware of them and making conscious decisions about how you communicate and share information can make all the difference. This is resilience in action.
Want to learn more about cyber security, Zero Trust, and video conferencing data security?