It’s nearly 2018. And from the discussions I have weekly, it’s clear that business leaders understand far more about the risk of cyber threats today than they did even a few years ago.
However, so many business leaders I talk to still want to know if they’re doing everything they can to protect their companies.
Answer: They’re not.
The critical missing piece a business leader needs to protect his or her company from cyber threats? It’s a culture of security.
As the world becomes more connected, cybercriminals are finding new ways to attack businesses, to exploit vulnerabilities in technology — and the humans that use it. Some are even using the same innovative technology we use every day to defend ourselves as a weapon against us.
Just this year, we’ve seen new iterations of cyberattacks with unprecedented and chilling repercussions.
In May, ambulances were diverted from some of the 40 hospitals in the United Kingdom that were crippled by the WannaCry ransomware attack. Major U.S. brands have, and will continue to pay big – both in dollars and reputation — for major data breaches that exposed customers’ private information.
So many businesses are doing the basics: They are hiring a Chief Security Officer. They are buying the latest technology that integrates human-machine teaming and artificial intelligence to learn about, adapt to and detect threats. They are establishing baseline protocols for maintaining a secure environment.
But it’s no longer enough to just cover your bases. Cybercriminals are getting smarter and they’re still finding ways in.
A culture of security is the piece that activates all those security best practices and investments in technology. It’s the marker determining whether or not any of those things are worth it.
So how do business leaders do it?
First – they must get their employees on board. Employees can be a company’s biggest vulnerability or its first line of defense. That means building security into the vision and values of a company. And getting employees to acknowledge and commit to the security culture.
Businesses need technology that supports rather than inconveniences employees so that they’re motivated to make smart decisions, rather than looking for work-arounds.
And businesses need to think security first – whether that’s in designing new products and services, signing partnership agreements, in hiring new employees or anything else.
At McAfee, we’re building security into our culture not just because we live and breathe this stuff everyday – but because the business imperative for every company to protect themselves from unavoidable threat requires it. Join us.
For more on this topic, follow me on Twitter at @youngdchris and @McAfee.