Before you go back to work, read this.
2020 Has Not Been Kind To Business
Even though the previous one didn’t end that great either, COVID-19 is a massive wake-up call for every business. One of the many things the pandemic exposed was that many boards around the world were caught, to varying degrees, shocked and dazed. Once we reach a post-Coronavirus world, examples of businesses that responded well will be sitting pride of place in everyone’s risk presentation.
Regulators have stepped up their game recently and they have only just begun. They’ve had to. Too many organisations have ticked a box and wiped their hands, thinking they were safe.
So, now is the time to ask: ‘what are you protecting and what do you need to protect it from?’
Side Tip: just because you think you may not hold confidential information does not mean you won’t be targeted.
The Risk Detox
With COVID-19 doing enough interruption damage as it is, a Top 10 Global Business Risk (like a cyber incident) has got to be the last thing you need right now whilst you are trying to put your effort into getting yourself back on track.
The dominoes are too easy to topple. Quick example: let’s take just the top global business risk right now, cyber incidents. They are financially crippling, as you know, yet they also infect other risks like ‘loss of reputation’ (bye bye clients and market share) and ‘business interruption’ (also in the top 10).
Before your team starts to slowly come back to the office, how would you like a free mobile app which gives your entire team the ability to run a lightning-fast, accurate risk review? Here is an easy-to-follow 6 Step Guide to performing this, where your team (wherever they are) can operate in concert with the entire organisation.
You can easily get this detox done now, for the following risk domains:
1 – Board Risk Review
2 – Pandemic Response
3 – Cybersecurity
4 – Project Management Risks
5 – General Business
6 – Business Continuity
7 – Health & Safety
8 – Environment
9 – Operational Risks
The Cyber Detox
Head of Cybersecurity Andrew Robinson said last week: “Cyber adversaries are not taking a time out whilst you’re working from home. They see this as a once in a lifetime opportunity to gain a foothold in your network. They don’t believe in exceptions or moratoriums.”
Yep, all the animals come out at night. The good news is that if you can create a decent cyber resilience program within your business by bringing the elements below together, you’ll be on your way to a decent cyber posture.
Here are 5 action points, with guides containing everything you need to know where appropriate:
1 – Cyber insurance. Fergus Brooks guests on 6clicksTV here to get you in the right mindset.
2 – A cybersecurity risk review involving everyone in your company. You can use our 6 Step Guide for this as well.
3 – Get an Information Security Management System (ISMS). Pronto. Here is what you need to know to get started.
4 – Employee cyber security awareness and education across your organisation (employees & contractors). The Cyber Leadership Institute can provide you with a Cyber Resilience Bootcamp to get you started.
5 – Cyber professionals to implement. If you have an internal team, great. If not, make sure you include a trusted advisor in your third-party vendor risk reviews. We know plenty.
Getting the above done not only identifies gaps, it also determines how quickly you will recover if you are attacked.
All Together Now
These two excellent diagnostic and detox guides should give you the confidence you need to put your best foot forward post COVID-19. The tech tools out there are waiting for you.
Takeaway #1: Shake off the spreadsheets and PowerPoint slides and unleash the wisdom of your people to bring the right results to your next risk assessment.
Takeaway #2: Start your Information Security Management System immediately. It is easier than you think. Start with what information you are protecting, and what you need to protect it from.
Don’t start your triumphant return behind the 8-ball
The question is ‘how can we be continuously glancing over the shoulder of our organisation’s present moment and feel confident?’ Well, put simply, the frame you put around your attitude to risk and information security largely determines your experience of it.
There’s no silver bullet for the unknown unknowns, but the right mindset is a damn good place to start.
Please, if you need a chat to get started with either detox, click the image below and we will chat soon!
- How To Run a COVID19 Risk & Cyber Detox - June 4, 2020