President's Message - July 16, 2021

5 Stages in the Journey of Cybersecurity for Organizations

1. The first stage is obscurity. For very small companies there is no data and no infrastructure to hack (except maybe a PC with QuickBooks). This is assuming they aren’t using a CRM and not taking credit cards for payments.

2. The second stage of cybersecurity is to bring in a service provider to help manage some growth. MSP’s build a technology security stack, help with the maintenance of the network and get the company to the second stage.

3. The third stage is to buy cybersecurity insurance. Many companies have stopped at this stage but because of recent incidents, the price for insurance is going up. You will also have to prove that you are doing the cybersecurity basics to cash in on that policy when a breach happens.

4. The fourth stage is to build a security program. Have a written information security program, communicate it to your users and begin to train users. This stage usually comes when you want to work more closely with your customers and begin to share data. The shared data is what makes people aware of the need but the rewards are closer relationships with your customers and a sales advantage.

5. The fifth stage is the realization phase. Cybersecurity compliance is not just an IT department thing. It has to be built into the company's culture. The practice has to happen monthly, weekly and in some cases daily. The proof that you are doing the right thing has to be continually monitored, tracked, and readily available for when something goes wrong.