Dabbling in Cyber Security: Not the Best Approach

Server, Networking & Security

Dabbling in Cyber Security: Not the Best Approach

Cyber security is a problem that small and medium businesses and not-for-profit organisations consider of little consequence.  The prevailing attitude of "it won’t happen to me" always comes to the fore when cyber security comes up in discussion.  I am not going to get on my high horse about that—not this time, anyway.  

Dabbling in cyber security is another common response.  By dabbling I mean not understanding the ramifications of that little change on the firewall, or having only one level of data backup or using Google to make changes to your systems without testing them before deploying it to the production network.

Dabbling in cyber security is like learning to fly:  You can take lessons, and in a few months, you can fly a small plane—similar to driving a car, except it goes up and down.  With additional training you can get your all-weather license and away you go.  The learning curve isn't too steep because the internal workings of a small plane and what's in the cockpit are relatively minimal.  There are not many dials, switches, buttons or levers to pull and push to make the thing fly.  

Now let’s take you out of that little plane and put you in the cockpit of a jumbo jet.  The number of dials, switches, levers and the like have increased 100-fold.    We are no longer talking small-scale.  Despite your training, you'd be ludicrously unprepared.

This is what happens when an under-informed person tries to take charge of cyber security.  Protecting your business from a cyber-attack through a directed hack, script kiddies or an insider does not involve just a few levers and switches.  It is a combination of technical know-how, regulatory compliance, business and cyber resilience, and both internal and external management expertise.  All these components have to work together to create a protective envelope around your business.

The whole cyber security protection process is similar to flying a jumbo jet.  You don't want to discover how much you don't know when you're 10,000 meters in the air.

I have a friend who is a financial adviser.  His clients come to him to invest, so that when they retire, their nest egg will be substantial.  He will often give a presentation to a new client, only to be told, "I want to discuss it with my friend”—or brother, father, mother, son or daughter.  These third parties have no understanding of the financial world, but the client will invest more weight in their advice than the advice of a professional.

I know we all do it.  We all have friends whom we bounce ideas and questions off.  You discuss health issues even though they're not doctors, you discuss building options even though they're not builders, and you discuss bathroom problems even though they're not plumbers.  The difference is that most of us know the doctors, builders and plumbers are the professionals, and we don't really expect untrained amateurs to know their jobs.

But when it comes to computers, the average Googler has a false sense of mastery.  Everyday people have little understanding of how complex the Internet, computers (desktop, laptop, phone or tablet) and the storage of electronic data can be.  The difference between knowing computers and being an expert is huge.  

An expert can assess the situation, rectify it and walk away long before someone who "knows computers" has worked out that they have a problem.  You will PAY for that expertise, but I would rather pay for one hour of a professional's time than nine hours from an amateur, especially when it comes to my business.

When it comes to protecting your business from cyber crime, get someone in who actually understands the problems.  Don’t just dabble!

Roger Smith

CEO at

I help managers, owners, board members and C-level executives of small and medium enterprise, not for profit organisations and charities develop and implement proven digital security strategies so they can sleep better at night. I allow you to have more control over your business and digital security because I teach you what needs to be done by focusing on 6 areas of responsibility. When you complete the business security diagnostic scorecard you will discover the 6 areas of responsibility and also create a baseline to improve your business and digital security environment. This is the first step in being proactive and allows you to sleep better at night in the knowledge that you are improving your business and digital security through a tried and proven system. Secure your business! Get proactive! Do the scorecard! Read your report! Copy and paste this URL into your browser and get proactive - https://caremit.scoreapp.com #ceo #ExecutivesAndManagement #ProfessionalWomen #CareMIT #cybersecurity #infosecAmazon #1 Best Selling Author | Experienced Cybercrime and Cyber Security Expert | Speaker | Consultant | Trainer

Comments (2)
Ling Lee

Ling Lee at Digital Marketing and Personal Branding

Thanks always for your informative articles Roger! The thing is, some people don't always have the resources to pay! Currently, I am investing my faith in NortonAntivirus. Cheap and easy!

Wendy Huang

Wendy Huang, Full Time Blogger and YouTuber at A Custom Blog in 4 Minutes

It's a little bit scary to know that your whole identity can nowadays be tied to your computer and a good hacker can go in and access all your private files if you are not careful. In the old days of dial up internet Trojans and viruses are not as advanced as they are now, I don't even know what they are capable of!