DEFEND & INVEST
While you’re thinking about your business, let us tell you the two technology areas that will be the most important this year. They are Defend and Invest.
- Defend is about protecting your business from cybercriminals. We believe cyber-crime is going to rise again this year, to levels never seen before
- Invest is about making sure technology is powering your business forward, not holding it back
Let’s look in detail at both these areas
Imagine a burglar at night, walking down a street full of houses, looking for an opportunity.
Would it be fair to say that all of those houses are potential targets for the burglar? Only some make it easier for him than others.
This is exactly the same with cyber criminals targeting businesses. They are targeting all businesses, all the time. It’s just that some make it easier for them than others.
The houses with good locks on the doors and windows, a visible security alarm and cameras, and lights that make it look like someone is home… they’re not so attractive to the burglar.
Again, this analogy is the same with cybercriminals. Why would they go to the trouble of trying to break into a business with excellent defenses, when there are millions of businesses leaving themselves wide open to attack? Cybercriminals these days are not like hackers in movies from the 80s and 90s. They’re not super-intelligent kids, hacking just for fun and to show off to their hacking buddies. Today it’s organized crime. And it’s big business too. Last year global cyber-crime cost at least $1 trillion. It’s estimated to reach $10 trillion within 3 years.
Why the rise? There are three key drivers of this:
1. As businesses have become more sophisticated with technology, so have the criminals
2. The pandemic permanently changed the way we work. Hybrid working opens more opportunities for them
3. Most people don’t take cybercrime seriously and are still the weakest link in the chain. We estimate up to 80% of cyber-crime we deal with has started because a human made a mistake.
Technology can be very complex. So we work very hard to break it down into easy-to-understand concepts for our clients. Your defense strategy can be summed up in three areas:
The right tools
The trick is to put in place a blend of security measures that protect your business to a high level, without overly inconveniencing your staff. Our experience is that if you go too far, they will just find ways to bypass security. A real-world analogy would be someone propping open a door because it’s a pain having to enter an access code every time.
Often, the tools you put in place can make their lives easier while increasing security. A password manager is the best example of this. Because it remembers passwords for them, staff are always happy to use their password manager. And then it’s no hassle for them to generate and use long random passwords. Biometrics will also increase security and reduce hassle. It’s easier to use your face or fingerprint to get into a system than having to enter a password
If you can implement these kind of tools that make their lives easier, they will more readily accept tools that slow them down a little, such as multifactor authentication. This is where you generate a code on a separate device to prove it’s really you logging in. There’s no standard blend of security tools that’s correct for every business. As security experts, we fully assess each business we protect, to look at how they work and where that introduces vulnerabilities.
The Right Systems
Unfortunately, you can’t rely upon security tools alone to protect the business. They have to be used in the right way, which means implementing and policing systems. Here’s one example. If you have a work laptop that a member of your team regularly uses to Work From Home, then you need to make sure they know the limitations of its use.
We’ve seen security best practices thrown out of the window when a child has accessed a work laptop (without permission, of course) and started loading new software onto it. You have to think through in advance what could happen, and have a policy for it. Also, how you want your team to act when something goes wrong, such as them losing a device. That might not seem a big deal in this era of our data sitting in the cloud… but what if that lost device gives a stranger access to business information?
The right training
If 80% of breaches start with a human doing something wrong – mostly without realizing it – then we need to mobilize your team to be your first line of defense.
The techniques that cyber criminals use are becoming more sophisticated. They rely on someone to click a link or download a file. This loads malware onto a device, or gives them access to your network. And most of the time, your people don’t realize they have done it.
This is why they need regular cyber security training. This doesn’t have to be difficult, expensive or time consuming. But it will give them the knowledge and tools they need to identify possible threats. By the way… it’s critical that everyone in the business has this training. Including you. The person at the top is normally the most heavily targeted as they have access to more systems – including bank accounts.
Now we get onto the fun part. Being breached is as costly in time as it is in cash. But most business owners prefer to look at how technology can empower growth.
The days where buying hardware and software were seen as a “necessary expense” are long gone. These days, forward thinking businesses see that an investment in the right technology can give you a real edge.
In fact, done well it can give you a competitive advantage. When you’ve got the right technology:
- Your people become more efficient
- Communication is improved, and
- You can cut costs
All of these benefits can be translated into advantages for your customers.
But getting it right can be hit and miss. Things move very quickly in the world of technology. So, it’s important you do your research and don’t start spending money based on guesses. The key thing is to look at your business growth strategy, and ensure any investment delivers on that strategy. This is why we spend a great deal of time with our clients, understanding their business and what their future plans are, so we can best advise them on which areas to invest in, and how to get the biggest bang for their buck.
The most important question you can ask yourself before investing in new technology is: “What will this add to my business?
”For example – ask yourself if investing in new devices will save you money on the repair and maintenance of older ones. We know that once computers reach a certain age they actually cost more to maintain than the cash cost of buying a new device. Could new software make your people more productive by cutting out repetitive tasks? By integrating seamlessly with existing software, or by automating processes? And what about the benefit to your clients? Will it help you deliver a better product or service? Will it speed up delivery or help you eliminate any steps in your processes? Will it give you an edge over your competitors? Or help you expand your range of products and services?
Next you need to look at the real cost of your investment. It’s not just the hardware, software and setup that you should factor in. With any new technology there’s a period of adjustment for your team. And during that time you might expect to initially see a dip in productivity while people are learning new systems. You’ll also need to add in time for training and troubleshooting. You might benefit from creating a cost/benefit analysis to make sure you’ll see a return on investment on your new technology. If you’ve got it right, the long-term benefits should far outweigh the short-term costs. Some businesses will be focused right now on cutting costs. When it comes to technology, we believe this to be the wrong strategy. Technology investment must always be looked at as part of the bigger growth picture. Of course you must keep costs under control. But if you have the right technology in place now, the savings or growth you see later down the line can be significant.
3 Key Questions For You:
Do you have a technology strategy for this year?
Have you thoroughly looked at these two important areas: Defend and Invest?
Do you have a technology partner who’s capable of supporting your business growth at a strategic level, enhancing your security posture, and excel at day to day support?
Have Questions? Let's Chat!
Some of Our Capabilities