Most companies approach security in the same manner. They create systems and strategies to stop, identify, or track an intruder so that they can halt or reduce the damage.
Sounds like a good plan, right? Only in many ways, it’s backward thinking.
Criminals think the same way. It’s their approach that differs.
Hackers use the same tools that companies do to look at a network. But while your security team is looking for ways to stop criminal behavior, a hacker is merely looking for a way in. They are looking for a tiny hole in the foundation. They need just a small crack to enter, and once the keys to the kingdom are granted, only then does the fun begin.
As a business, you have a security strategy in place. No matter how much thought and planning you put into it, you’ve developed a plan that you assume keeps your free and clear from danger or a threat.
But most security plans look at the big picture. They choose big picture tools to cover eminent threats. Most security tools are built on the premise of threats that already exist. They look to plug holes that have already been discovered. They put patches on cracks that have been proven problem areas.
Just because they were threats to a company down the road from you, or halfway around the world from you, doesn’t mean you have the same risks. You’re a different company. You have different products and services. You have different needs.
And that means your threats are different too.
Cyber security has its own techno lingo. Start talking firewalls and data center protection systems, and you’ll quickly lose the attention of many upper management personnel. But if you talk risk management, the dialog is likely to change.
Where security looks at the system as a whole, risks identify weaknesses. Security takes a general approach while risks identify specifics.
A good security strategy might be to put a firewall into place, ensuring only employees have access to certain parts of the system. Someone focusing in on risk might ask a different question. They might want to know how your data is safe from a disgruntled sales rep.
General. Specific.
Once you start looking at the two as separate units, you can start to define which holes are worthy of plugging. What areas of your system need more protection than others.
Because while your ultimate security strategy might be to protect you from all danger, we all know we live in a world where that can never be.
The only way we can reduce our risks is to identify the most perilous to our businesses, and ensure we have that covered in our overall plan.
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.