There is not a computer system in the world that is completely immune to cyber attack. Yet denial of this fact can prove more detrimental to a company than the attacks themselves. Despite living in an age where vast proportions of our businesses and organisations are reliant on computer systems, the majority of people in positions of authority are failing to recognise the importance of having a basic awareness of cyber security and how to deal with it, should it be under threat.
Miscommunication between departments has been flagged as one potential reason for this refusal to take attacks seriously. It is a well known and sometimes joked about truth that those working in IT speak a different language to the board members. The result however, can be a stubborn and frustrated refusal to meet somewhere in the middle in order to discuss the problem in a way that everyone understands.
Likewise, there is a tendancy for all computer-related issues to be dealt with solely by the IT department, without any emphasis on prevention at a greater level. Here, it is the responsibility of the technicians to report each and every incident so it can be cohesively monitored and analysed and any weaknesses weeded out and dealt with. However they can and will only do so, if they know that the company board members will listen and accept that something needs to be done for the greater good of the company and its shareholders.
Speaking in terms of money is a good way to get board members to listen. Every attack will come with a cost, which can be significantly reduced if a company responds to the incident as swiftly and sensibly as possible. Commercially savvy Chief Information Officers and Chief Information Security Officers are ideal candidates to act as translators between departments and boards. They are often able to have conversations about technical issues at board level, addressing business risk and the protection of reputation and clients’ assets.
For companies to rely on IT systems to such a degree whilst being so slow to bring management up to speed on security is bad business. Knowing how to respond to a crisis is a key part of any large organisation’s infrastructure – including being hacked. Like fire drills, is worth having rehearsals to ensure the company is better prepared, minimising collateral damage.