Due diligence is always a concern after a data breach. The amount of liability a company has with a data breach can often be determined by the level of effort and emphasis the organization placed on securing the data. To ensure your organization is mitigating its security risk, and reducing its liability, here are three cybersecurity questions every business leader should ask their technology team.
1. How would we know a data breach occurred?
2. When was our last risk assessment, and what progress has been made to mitigate the risks identified during that assessment?
3. Do we have expertise on staff to deal with the changing threat and regulatory landscape?
For the first question, there are some obvious answers you could expect to hear, such as “We know our systems really well, so we will know if there is a problem” or “If our data is missing, we will know there’s been a breach.” These are not acceptable answers. The technology team should be held to a higher standard and should be expected to provide concrete evidence showing how they would know a data breach had occurred.
Listen for answers that include things like 24/7 security event monitoring and advanced threat detection. If these types of security activities are happening, your technology team will be able to provide months of event logs (SIEM reports) that have been reviewed for anomalies or malicious activity. Challenge them to provide you with those security reports and to explain them to you. This holds your team accountable to security best practices and gives you the knowledge needed to make appropriate risk-based business decisions.
For the second question, the goal is to make sure an assessment is completed every 18-24 months and that incremental progress has been made to address the identified risks. Technology, and the way we use it, evolves daily. Ensure your team is in tune with the risks facing your organization, and make sure they are acting on the knowledge gained in the assessment.
The third question will help you identify whether the team needs help with capacity or training. Perhaps you already have a security team. Great, but do they have the skills needed to fully protect the organization? If not, can they acquire those skills? Should they? Are contracts or retainers with cybersecurity experts a better solution? The goal here is collaboration. You want to make sure the team knows you’re more focused on solving the problem than on laying blame. This will encourage them to discuss areas of high risk with you.
Business leaders who get answers to these three questions will be far ahead of many of their peers and competitors. While there is a “right” answer to every one of these questions, the “right” answer will be different for every organization. The important part is to ask the questions and then ensure the “right” answers are supplied.
Through this process, if you discover that you need some cybersecurity expertise, Pratum is available to help. We can perform everything from IT risk assessments to full Virtual CISO services.