The vast majority of CEOs already know cybercriminals are lurking in every digital space. From ransomware to social engineering schemes, cyberattacks are impossible to ignore when they make the headlines almost every day. In a global PwC survey, 71 percent of U.S. CEOs say they are “extremely concerned” about cybersecurity threats. Forty-three percent of those same respondents said they plan to increase their cybersecurity and data privacy investment by double digits to prevent business impacts as much as possible.
But where are the best places to make those investments? To get the answers, here are three critical cybersecurity questions you should ask your IT team if you’re a CEO, and, for IT team members, some guidance on getting to the right answers.
1. How do we know we’ve been attacked?
While a frozen screen with a ransomware demand is an obvious breach, others are much more insidious. In the now-infamous Colonial Pipeline breach, hackers gained entry on April 29th, but the breach wasn’t discovered until May 7th, when a ransom note finally showed up. The time between a breach and its discovery can run even longer, sometimes multiple months. That’s a long time for the bad guys to wreak havoc. So, ask your IT team how you’ll know if somebody is actually on your network. Ask what layers of technology are in place to ensure that’s the case and how a breach will be detected. Verify that your firewall and intrusion detection systems will generate appropriate alerts. Confirm that there are solid access controls. And ask your IT team whether monitoring and alerting services would be valuable.
2. How will we recover from a cyberattack?
Hopefully, your IT team already has the strongest possible security controls in place to prevent attacks. But everyone knows that there is no such thing as 100 percent secure. Make sure an incident response plan is in place that covers every potential disaster, from ransomware to a data breach. Review the details of your data backup and disaster recovery plan, and confirm that your IT team is adhering to the 3-2-1-1-0 rule: three copies of your data, on two different types of media, with one copy offsite, one copy offline or immutable, and zero errors on backup verification. Confirm how quickly you can get back up and running, whether that is measured in minutes or in days.
3. What will the impacts be on our organization?
Now, imagine that the worst happens, and a successful breach hits your organization. Ask your IT team to help you understand the impacts that could result from downtime, lost data, and lost productivity. Can you continue to perform your core functions? What are the potential costs? Work with your IT team to set your recovery time objective (RTO)—how much time you can afford to be without access to your data—and your recovery point objective (RPO)—how much data you can afford to lose in an incident.
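The 3-2-1-1-0 rule from question 2 and the RTO/RPO targets from question 3 are the kind of thing an IT team can check mechanically rather than by assertion. The following is an added example, not code from the article or from any product it mentions: it takes a constructed inventory of backup copies and reports which clauses of 3-2-1-1-0 fail and whether the plan can actually meet the RTO and RPO the business set. Assumptions made here: production data counts as the first of the three copies, so the inventory lists only backup copies; a copy that has not passed a verification or test restore is not trusted for the offsite, offline, RPO or RTO checks; and `restore_hours` is the IT team's own estimate of restore time from that copy.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class BackupCopy:
    """One backup copy of the production data (constructed schema for this example)."""
    name: str
    medium: str                 # storage technology the copy lives on (disk, tape, ...)
    offsite: bool               # kept at a geographically separate location
    offline_or_immutable: bool  # air-gapped or write-once, so ransomware cannot alter it
    last_completed: datetime    # when the most recent backup run finished
    verified_ok: bool           # last integrity check or test restore succeeded
    restore_hours: float        # IT team's estimate of time to restore service from it


def check_3_2_1_1_0(copies):
    """Evaluate each clause of the 3-2-1-1-0 rule; True means the clause is met.
    Assumption: production data is the first of the three copies, so two
    backup copies satisfy the "3 copies" clause."""
    trusted = [c for c in copies if c.verified_ok]
    return {
        "3 copies": len(copies) + 1 >= 3,
        "2 media": len({c.medium for c in copies}) >= 2,
        "1 offsite": any(c.offsite for c in trusted),
        "1 offline/immutable": any(c.offline_or_immutable for c in trusted),
        "0 errors": all(c.verified_ok for c in copies) and bool(copies),
    }


def achievable_rpo(copies, now):
    """Worst-case data loss if disaster struck right now: the age of the newest
    verified copy. None if nothing verified exists, i.e. unbounded loss."""
    stamps = [c.last_completed for c in copies if c.verified_ok]
    return now - max(stamps) if stamps else None


def achievable_rto(copies):
    """Fastest restore available from any verified copy, in hours (None if none)."""
    hours = [c.restore_hours for c in copies if c.verified_ok]
    return min(hours) if hours else None


def evaluate_plan(copies, now, rpo_target, rto_target):
    """Compare the backup inventory against the rule and the business objectives.
    Returns the per-clause results plus a list of named gaps to bring to the CEO."""
    rule = check_3_2_1_1_0(copies)
    rpo = achievable_rpo(copies, now)
    rto = achievable_rto(copies)
    gaps = [clause for clause, ok in rule.items() if not ok]
    if rpo is None or rpo > rpo_target:
        gaps.append("RPO")
    if rto is None or timedelta(hours=rto) > rto_target:
        gaps.append("RTO")
    return {"rule": rule, "rpo": rpo, "rto_hours": rto, "gaps": gaps}


# Constructed sample inventory: a local disk copy, a cloud replica, and a tape
# set whose last restore test failed. Timestamps are invented for the example.
NOW = datetime(2024, 6, 3, 9, 0)
SAMPLE_PLAN = [
    BackupCopy("nightly-nas", "disk", offsite=False, offline_or_immutable=False,
               last_completed=datetime(2024, 6, 3, 2, 0), verified_ok=True, restore_hours=4),
    BackupCopy("cloud-replica", "object-storage", offsite=True, offline_or_immutable=False,
               last_completed=datetime(2024, 6, 3, 3, 0), verified_ok=True, restore_hours=12),
    BackupCopy("weekly-tape", "tape", offsite=True, offline_or_immutable=True,
               last_completed=datetime(2024, 5, 31, 23, 0), verified_ok=False, restore_hours=48),
]


def evaluate_sample():
    """Business targets assumed for the example: lose at most 24h of data, be back in 8h."""
    return evaluate_plan(SAMPLE_PLAN, NOW, timedelta(hours=24), timedelta(hours=8))


if __name__ == "__main__":
    report = evaluate_sample()
    for clause, ok in report["rule"].items():
        print(f"{'PASS' if ok else 'FAIL'}  {clause}")
    print("achievable RPO:", report["rpo"], " achievable RTO (h):", report["rto_hours"])
    print("gaps to raise:", report["gaps"])
```

On the sample data the plan looks healthy on paper (three copies, three media, an offsite and an offline copy) but the only offline copy is the tape set that failed its last restore test, so both the "1 offline/immutable" and "0 errors" clauses fail; the RPO (6 hours, from the cloud replica) and RTO (4 hours, from the local disk) targets are met only as long as the two remaining copies are not themselves encrypted by the same incident, which is exactly why the offline copy matters.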
Collaboration is the Answer
While CEOs know their businesses and IT teams know technology, it can, at times, be challenging to get the two aligned because of their differing perspectives. That’s why it’s worth considering a risk management workshop to help you and your IT team identify your overall risks, align with general industry standards and compliance regulations, and assess your overall security posture by examining each of your points of exposure.
Finally, if you have cybersecurity insurance, verify that you’re sufficiently covered. And if you don’t have cybersecurity insurance, it’s definitely worth a look. Whatever steps you take, make sure recovery is not just possible but certain.
I hope you found this information helpful. As always, contact us any time—we’re always happy to help.
Until next time,