Don't let your business be the weakest link
‘Companies spend millions of dollars on firewalls and secure access devices, and it's money wasted because none of these measures address the weakest link in the security chain: the people who use, administer and operate computer systems’ – Kevin Mitnick
Blunt words, but from one of the most respected White Hat Hackers, it’s a truth which needs to be heard by all businesses.
As we saw with WannaCry and Petya in 2017, Meltdown and Spectre in 2018, and the Uber data breach, every organisation around the world is vulnerable to a security hack and/or data breach.
If a company with the resources of Uber can be a victim of a malicious cyberattack then so can your business. IT teams in every business work hard to ensure they protect against all possible threats but it only takes one second of carelessness from an unwitting employee to bring the house crashing down.
There are many potential points o failure for IT teams to deal with, such as legacy IT systems, employees not sufficiently trained in understanding risks, phishing attempts, expired software licenses, the list is endless.
However, it’s when the internal IT teams have no control or influence over the IT security, which can be the one that breaks the secure chain. Working with partners such as creative or digital design agencies for example, who are intent on pushing boundaries in the work they deliver for clients, but without realising it, can also be the open door to exposing their client's to ransomware or ransomworms.
The rapid acceleration of digital transformation which technology enables across businesses has resulted in traditional job roles evolving. For example, CFO’s are now getting more involved far earlier in the decision making process on the technologies to invest in, and in the resources available for the IT team to deliver on them. Ralf Sydekum, technical manager at F5 Networks reinforces this view:
“Leaving cloud security to the IT department alone is not a good idea. It is essential to bridge the gap between the executive boardroom and those responsible for security decisions.”
Ralf Sydekum, Technical Manager at F5 Networks
A viewpoint also shared by CFO's in the latest Grant Thornton CFO survey :
‘In the short to long-term future, CFOs will need a strong technical background. The role will require a person with a strong understanding of such responsibilities that today might fall within the realm of a data scientist/CTO/CIO. What will be required of future CFOs is a technical mindset that will include a strong understanding of the risks that new technologies bring about.’
CFO’s in creative, digital, advertising or marketing agencies face an even bigger challenge as they must balance the drive for profit with the investment to keep clients secure online, minimising any potential risks or threats. Difficult investment decisions must be made as the agency will usually be focused on winning new business pitches, in being measured by their creativity or innovation. This can result in a lack of resource support available for their IT departments, tasked with keeping their agency ahead of competitors, whilst managing all potential risks or vulnerabilities.
Mistakes can be made and agencies unintentionally exposed to threats, ransomware or ransomworms. What makes it worse is the impact this has on clients, who see their online reputations damaged by their ‘trusted’ partner.
From what we’ve seen in our business, one of the biggest single points of failure is under resourced IT teams who do not have the time to keep up with all the latest IT threats and risks whilst juggling their everyday jobs.
This is where our business can step in to help, our team is focused on keeping all businesses secure online. It’s something we stake our reputation on. Digital Craftsmen fully supports DevSecOps when many businesses are still getting to grips with it. We bring peace of mind to IT directors with our ISO 27001 accreditation and ITIL trained team, providing reassurance their IT systems are being securely monitored which allows them the space to innovate. We can also be measured on our cost effectiveness, because we help businesses save money by managing their online hosting more efficiently.
If you want to know about Digital Craftsmen, why not visit our website or pick up the phone and call one of the Craftsmen directly on (0) 20 3745 7706.