https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2023 MSP 501 Application
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2023 MSP 501 Application
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

Cybersecurity

Cybersecurity: How Can I Get the Most Bang for My Buck?

  • Written by Gary Hayslip
  • November 8, 2018
Our latest "ask an expert" explores the three most effective things to do to improve your organization's security.

Q: To get the most bang for your buck (and efforts), what two to three things can you do that positively affect the cybersecurity posture of most organizations?

This question comes to us from Mat Kordell, chief technology officer of The Altus Group, a provider of software, data and technology-enabled services to the commercial real estate industry. In today’s world where security resources and expertise are limited, it’s no wonder this is one of the most common questions he hears from customers.

The increase in cybersecurity attacks over the past several years has prompted organizations of all sizes, from small, mom-and-pop shops to massive, global enterprises, to take a deeper look at the current cybersecurity protections they have in place and ramp up their tool kits where needed. Here are my top three tips to level-up your security posture and get the best return on your investment.

Forget the ‘Weakest Link’ — Train Your Team

An organization is only as strong as its weakest link. Often, employees are left to take the blame when it comes to cybersecurity threats. However, it’s imperative that companies take a good look in the mirror to see how they are educating their employees on the proper tactics and skills needed to avoid potential threats to their organization. Much like how a child shouldn’t be punished for disobeying rules of which they’re unaware, your employees shouldn’t be punished, either. Data breaches are in the news every day, which has pushed the topic to the mainstream, but it is unfair to assume that every employee is up-to-date on best practices. 

For example, phishing scams remain a tried-and-true tactic for malicious actors because they prey on human nature. Whether it’s just from curiosity or a perfectly tailored scam, eventually someone will fall prey to a phishing attempt. To combat this, organizations must empower their employees with continuous cybersecurity training to stay up to date on the latest threats and trends. At the end of the day, it’s up to companies to keep themselves protected.

A recent survey of small- to medium-sized businesses (SMBs) found that businesses are taking cybersecurity seriously, with nearly 100 percent of respondents conducting employee cybersecurity training in some form. However, despite these efforts, the report also notes that roughly 79 percent say they aren’t completely ready to manage IT security and protect against threats.

The survey also found that only 39 percent continuously train employees on best practices, and 36 percent only train employees once, either during onboarding or after a security breach takes place. To truly get the most bang for your buck with security training, employees need ongoing training throughout their tenure to feel educated and empowered, and ultimately to keep your organization’s digital assets secure.

Security: It’s a Culture Thing

Create a culture of security within your organization. That’s another one of the best ways to get the most bang for your buck in security and it’s a move that should be done in tandem with any formal security-awareness training you may have in place. No matter the size of your business, any unexpecting employee can fall victim to a phishing email, from investigating a deal that was too good to be true to simple curiosity. By creating broad awareness of the dangers of today’s new threats, instilling the concept that security belongs to everyone at the company, and providing education on safety tips and best practices, organizations can avoid a lot of potential damage.

For example, during onboarding, cybersecurity training should be mandatory for all new employees to give them a better understanding of the threats their new company faces and how best they can help to keep the ship above water.

Down the line, their security education should continue with ongoing security-awareness training, updates, blogs and even lunch-and-learns. Organizations should make it a point to share ongoing tips and tricks to help employees maintain their best practices. It’s also effective to have small contests, such as where a fake phishing email garners a prize for the employee that forwards it to their IT department. These small tokens keep employees on their toes and knowledgeable at the same time.

Skip the Discount Solutions

One size doesn’t fit all. Naturally, everyone is looking for the best deal while shopping for cybersecurity products. However, it’s important to remember that shopping for cybersecurity can be similar to shopping for clothes – one size doesn’t always fit all. Unlike holiday shopping, that coupon-clipping, discount-hunting mindset won’t always lead to success.

As a CISO I have learned the hard way that simply shopping for the lowest price doesn’t fit the needs of my organization or my security program. In looking for solutions to add to my security stack, it’s important not to be distracted by the newest, shiniest thing. Instead, as the CISO, do your homework to ensure you understand the business operations and strategic goals of your company.

Once you’ve aligned your security program to support the business and completed business impact assessments, you will have a list of security controls and initiatives that need to be remediated. This list of initiatives is a foundation the CISO uses as a road map to review current security technologies and identify new ones that can upgrade an immature security control.

Have the problems you are trying to resolve in mind when shopping for technologies. That way you choose solutions that integrate smoothly into your current security platform, ones that solve several issues that need to be addressed and ones that share data with your current security solutions. That sharing enables a clearer view of anomalous incidents that need to be investigated.

When looking at new technologies it isn’t about the cost, it’s about how well it integrates into your platform and the data it provides, so ultimately you (as a CISO or other decision maker) can make informed decisions to protect your company and its operations.

*Bonus tip: Hire a CISO. To be successful in preventing data breaches and thwarting potential threats, it’s crucial that organizations have the right people in place with the appropriate expertise to make the decisions as to which products and practices will best suit their needs. This is where appointing a skilled CISO, a chief information security officer, or CSO, a chief security officer, comes into play. Their knowledge of the current threat landscape is integral to understanding what solutions and tactics are best suited to keep the company safe and avoid a major security incident. As a CISO myself, I might be biased, but it’s vital to have someone at the helm of your company’s security efforts to make sure you truly get the most bang for your buck.

Gary Hayslip is responsible for the development and implementation of all information security strategies, including Webroot’s security standards, procedures and internal controls. As CISO, he also contributes to product strategy to guide the efficacy of Webroot’s security portfolio. He previously was CISO of the city of San Diego and held infosec roles with the U.S. Navy and the federal government. Follow Hayslip on Twitter @ghayslip or on LinkedIn.

Tags: Agents Cloud Service Providers MSPs VARs/SIs Best Practices Sales & Marketing Security Strategy

Most Recent


  • Cloud Curtain
    Microsoft Unveils Key Cloud Partner Program Enhancements
    Microsoft's chief partner officer outlined the new initiatives that include training and support.
  • Bankruptcy Court
    Avaya Reduces Debt by $2.6 Billion, Gets Closer to Emerging from Bankruptcy
    The company will be backed by its existing lenders.
  • Magic Quadrant Leaders: Fortinet, VMware, Cisco, More
    SASE Revenue Grows 34%, with Cisco, Zscaler, VMware Leading
    SSE grew 38% in revenue last year, while SD-WAN grew 30% in revenue. See who else made the list.
  • Welcome aboard
    Ivanti Expands Channel Leadership with Blue Prism, Edgio Vets
    The new hires are part of Ivanti’s new global channels and alliances leadership team.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • USB drive
    A Coup and a Theft: Why MSPs Can’t Let Clients Get Lax About USB Security
  • Ransomware skull and crossbones
    JBS Did What it 'Needed to Do' with $11 Million Ransom Payment
  • hybrid clouds
    Nutanix, HPE Team on Hybrid, Multicloud via GreenLake
  • lone Arctic wolf
    Arctic Wolf Enhances Partner Program with 2 New Tiers

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

Microsoft Unveils Key Cloud Partner Program Enhancements

March 22, 2023

The CF List: 2023’s 20 Top Threat Intelligence Providers You Should Know

March 22, 2023

Lumen Channel Leaders: Activation Incentives ‘Resonating’ with Partner Community

March 21, 2023

Industry Perspectives

View all

Selling Your MSP: Strategic vs. Financial Buyers

March 22, 2023

10 Strategic Smart Enterprise Drivers for 2023

March 16, 2023

Does Your Company Have a Virtual Water Cooler?

March 13, 2023

Webinars

View all

Equipping the Hybrid Workforce: What It Takes to Execute

March 28, 2023

Give Customers the Power: How MSPs Can Leverage Cloud Choice

April 4, 2023

DE&I Dialogue: How the Right DE&I Initiatives Can Propel Your Business

April 5, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Real-Life M&A: Advice for a Successful Channel Deal

Coffee with Craig and James Episode 120: Ronnell Richards

March 3, 2023

XDR Technology: Latest Breakthroughs, How to Talk to Customers

March 1, 2023

Coffee with Craig and James Episode 119: Alliance of Channel Women

February 22, 2023

Twitter

ChannelFutures

.@GoIvanti adds to channel leadership team with @blue_prism, @edgioinc vets. #automation dlvr.it/SlKYTp https://t.co/WBtK80tZcj

March 22, 2023
ChannelFutures

Although @DellOroGroup observes a "crowded" SASE market, only four vendors are actually providing truly a unified S… twitter.com/i/web/status/1…

March 22, 2023
ChannelFutures

#Microsoft prepares partners for new #GPT4 in @Azure @OpenAI. @msPartner dlvr.it/SlKR6q https://t.co/TNRQHslQ72

March 22, 2023
ChannelFutures

The new @TDSYNNEX directory will include exclusive and premium benefits for CommunitySolv members.… twitter.com/i/web/status/1…

March 22, 2023
ChannelFutures

Tim Mueller with @mw_advisors provides useful strategies for selling your MSP #channelpartners #msp #technews… twitter.com/i/web/status/1…

March 22, 2023
ChannelFutures

"...everybody that's ever influenced me in my life has been somebody that's been willing to listen..." 📺 Hear from… twitter.com/i/web/status/1…

March 22, 2023
ChannelFutures

Our latest #CFList includes top #threatintelligence providers, with @CrowdStrike, @kaspersky, @Microsoft,… twitter.com/i/web/status/1…

March 22, 2023
ChannelFutures

🤔 What if we told you that DE&I could help you stay competitive and propel your business forward? Join us on April… twitter.com/i/web/status/1…

March 21, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X