Dabbling in Cyber Security: Not the Best Approach

Server, networking and security

Cyber security is a problem that small and medium businesses and not-for-profit organisations consider of little consequence.  The prevailing attitude of "it won’t happen to me" always comes to the fore when cyber security comes up in discussion.  I am not going to get on my high horse about that—not this time, anyway.  

Dabbling in cyber security is another common response.  By dabbling I mean not understanding the ramifications of that little change on the firewall, or having only one level of data backup or using Google to make changes to your systems without testing them before deploying it to the production network.

Dabbling in cyber security is like learning to fly:  You can take lessons, and in a few months, you can fly a small plane—similar to driving a car, except it goes up and down.  With additional training you can get your all-weather license and away you go.  The learning curve isn't too steep because the internal workings of a small plane and what's in the cockpit are relatively minimal.  There are not many dials, switches, buttons or levers to pull and push to make the thing fly.  

Now let’s take you out of that little plane and put you in the cockpit of a jumbo jet.  The number of dials, switches, levers and the like have increased 100-fold.    We are no longer talking small-scale.  Despite your training, you'd be ludicrously unprepared.

This is what happens when an under-informed person tries to take charge of cyber security.  Protecting your business from a cyber-attack through a directed hack, script kiddies or an insider does not involve just a few levers and switches.  It is a combination of technical know-how, regulatory compliance, business and cyber resilience, and both internal and external management expertise.  All these components have to work together to create a protective envelope around your business.

The whole cyber security protection process is similar to flying a jumbo jet.  You don't want to discover how much you don't know when you're 10,000 meters in the air.

I have a friend who is a financial adviser.  His clients come to him to invest, so that when they retire, their nest egg will be substantial.  He will often give a presentation to a new client, only to be told, "I want to discuss it with my friend”—or brother, father, mother, son or daughter.  These third parties have no understanding of the financial world, but the client will invest more weight in their advice than the advice of a professional.

I know we all do it.  We all have friends whom we bounce ideas and questions off.  You discuss health issues even though they're not doctors, you discuss building options even though they're not builders, and you discuss bathroom problems even though they're not plumbers.  The difference is that most of us know the doctors, builders and plumbers are the professionals, and we don't really expect untrained amateurs to know their jobs.

But when it comes to computers, the average Googler has a false sense of mastery.  Everyday people have little understanding of how complex the Internet, computers (desktop, laptop, phone or tablet) and the storage of electronic data can be.  The difference between knowing computers and being an expert is huge.  

An expert can assess the situation, rectify it and walk away long before someone who "knows computers" has worked out that they have a problem.  You will PAY for that expertise, but I would rather pay for one hour of a professional's time than nine hours from an amateur, especially when it comes to my business.

When it comes to protecting your business from cyber crime, get someone in who actually understands the problems.  Don’t just dabble!


Roger Smith

Roger Smith

CEO at R & I ICT Consulting Services Pty Ltd

Amazon #1 Best Selling Author | Experienced Cybercrime and Cyber Security Expert | Speaker | Consultant | Trainer You know how frustrating and frightening it is getting the right information about protecting yourself, your business and your client information from the digital world? I solve this. I put your business on a strict diet of good technology, the best management, meaningful adaptability and required compliance to make your business digital secure.

R & I ICT Consulting Services Pty Ltd

R & I ICT Consulting Services Pty Ltd 14 FOLLOWERS

Information and communication technology


Questions

Anonymous asks

Comments (2)

User
Loading...
Ling Lee

Ling Lee , at Digital Marketing and Personal Branding

Thanks always for your informative articles Roger! The thing is, some people don't always have the resources to pay! Currently, I am investing my faith in NortonAntivirus. Cheap and easy!

Wendy Huang

Wendy Huang , Full Time Blogger and YouTuber at A Custom Blog in 4 Minutes

It's a little bit scary to know that your whole identity can nowadays be tied to your computer and a good hacker can go in and access all your private files if you are not careful. In the old days of dial up internet Trojans and viruses are not as advanced as they are now, I don't even know what they are capable of!