All too frequently cybersecurity, hacking, data breaches and online criminal activity have become common place. Using scaremongering tactics, many cybersecurity businesses have induced decision paralysis at the board and management levels, putting their businesses at increased risk of significant financial, reputational and legislative damage.
Managing cybersecurity is fundamentally a leadership issue that everyone in the organisation has to take responsibility for, starting at the at the board and C-suite level. It is imperative for enabling sustainable business. This was the key message of a management workshop entitled ‘Cybersecurity: Cutting through the hype’ organised by the Department of Business Strategy Innovation on July 17 at the South Bank campus. The interactive workshop was led by Chris Haigh and Martin O’Riordan, the Chief Information Security Officer and the General Manager of Mercury IT, one of the country’s fastest growing IT Services businesses.
The workshop provided practical advice designed to immediately improve personal and organisational cybersecurity protection levels and to minimise risk exposure to data breaches, hacking and other online criminal activity. Mercury IT presented 10 action steps for business owners to implement that were built from years of experience working both domestically and internationally, for example, what standards should your business follow: NIST, ASD/ACSC, ISO27001?
Chris and Martin also spoke about the many ways organisations can increase their cybersecurity with little or no cost such as creating a password policy with minimum 14 characters, making sure your devices are updated/patched, not having the same password for personal and business use, deleting passwords from your browser, and many more tips and takeaways.
Organisations need to treat cybersecurity with the same levels of commitment that they many of them now show for health and safety risks.