https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

Cybersecurity

Cybersecurity: How Can I Get the Most Bang for My Buck?

  • Written by Gary Hayslip
  • November 8, 2018
Our latest "ask an expert" explores the three most effective things to do to improve your organization's security.

Q: To get the most bang for your buck (and efforts), what two to three things can you do that positively affect the cybersecurity posture of most organizations?

This question comes to us from Mat Kordell, chief technology officer of The Altus Group, a provider of software, data and technology-enabled services to the commercial real estate industry. In today’s world where security resources and expertise are limited, it’s no wonder this is one of the most common questions he hears from customers.

The increase in cybersecurity attacks over the past several years has prompted organizations of all sizes, from small, mom-and-pop shops to massive, global enterprises, to take a deeper look at the current cybersecurity protections they have in place and ramp up their tool kits where needed. Here are my top three tips to level-up your security posture and get the best return on your investment.

Forget the ‘Weakest Link’ — Train Your Team

An organization is only as strong as its weakest link. Often, employees are left to take the blame when it comes to cybersecurity threats. However, it’s imperative that companies take a good look in the mirror to see how they are educating their employees on the proper tactics and skills needed to avoid potential threats to their organization. Much like how a child shouldn’t be punished for disobeying rules of which they’re unaware, your employees shouldn’t be punished, either. Data breaches are in the news every day, which has pushed the topic to the mainstream, but it is unfair to assume that every employee is up-to-date on best practices. 

For example, phishing scams remain a tried-and-true tactic for malicious actors because they prey on human nature. Whether it’s just from curiosity or a perfectly tailored scam, eventually someone will fall prey to a phishing attempt. To combat this, organizations must empower their employees with continuous cybersecurity training to stay up to date on the latest threats and trends. At the end of the day, it’s up to companies to keep themselves protected.

A recent survey of small- to medium-sized businesses (SMBs) found that businesses are taking cybersecurity seriously, with nearly 100 percent of respondents conducting employee cybersecurity training in some form. However, despite these efforts, the report also notes that roughly 79 percent say they aren’t completely ready to manage IT security and protect against threats.

The survey also found that only 39 percent continuously train employees on best practices, and 36 percent only train employees once, either during onboarding or after a security breach takes place. To truly get the most bang for your buck with security training, employees need ongoing training throughout their tenure to feel educated and empowered, and ultimately to keep your organization’s digital assets secure.

Security: It’s a Culture Thing

Create a culture of security within your organization. That’s another one of the best ways to get the most bang for your buck in security and it’s a move that should be done in tandem with any formal security-awareness training you may have in place. No matter the size of your business, any unexpecting employee can fall victim to a phishing email, from investigating a deal that was too good to be true to simple curiosity. By creating broad awareness of the dangers of today’s new threats, instilling the concept that security belongs to everyone at the company, and providing education on safety tips and best practices, organizations can avoid a lot of potential damage.

For example, during onboarding, cybersecurity training should be mandatory for all new employees to give them a better understanding of the threats their new company faces and how best they can help to keep the ship above water.

Down the line, their security education should continue with ongoing security-awareness training, updates, blogs and even lunch-and-learns. Organizations should make it a point to share ongoing tips and tricks to help employees maintain their best practices. It’s also effective to have small contests, such as where a fake phishing email garners a prize for the employee that forwards it to their IT department. These small tokens keep employees on their toes and knowledgeable at the same time.

Skip the Discount Solutions

One size doesn’t fit all. Naturally, everyone is looking for the best deal while shopping for cybersecurity products. However, it’s important to remember that shopping for cybersecurity can be similar to shopping for clothes – one size doesn’t always fit all. Unlike holiday shopping, that coupon-clipping, discount-hunting mindset won’t always lead to success.

As a CISO I have learned the hard way that simply shopping for the lowest price doesn’t fit the needs of my organization or my security program. In looking for solutions to add to my security stack, it’s important not to be distracted by the newest, shiniest thing. Instead, as the CISO, do your homework to ensure you understand the business operations and strategic goals of your company.

Once you’ve aligned your security program to support the business and completed business impact assessments, you will have a list of security controls and initiatives that need to be remediated. This list of initiatives is a foundation the CISO uses as a road map to review current security technologies and identify new ones that can upgrade an immature security control.

Have the problems you are trying to resolve in mind when shopping for technologies. That way you choose solutions that integrate smoothly into your current security platform, ones that solve several issues that need to be addressed and ones that share data with your current security solutions. That sharing enables a clearer view of anomalous incidents that need to be investigated.

When looking at new technologies it isn’t about the cost, it’s about how well it integrates into your platform and the data it provides, so ultimately you (as a CISO or other decision maker) can make informed decisions to protect your company and its operations.

*Bonus tip: Hire a CISO. To be successful in preventing data breaches and thwarting potential threats, it’s crucial that organizations have the right people in place with the appropriate expertise to make the decisions as to which products and practices will best suit their needs. This is where appointing a skilled CISO, a chief information security officer, or CSO, a chief security officer, comes into play. Their knowledge of the current threat landscape is integral to understanding what solutions and tactics are best suited to keep the company safe and avoid a major security incident. As a CISO myself, I might be biased, but it’s vital to have someone at the helm of your company’s security efforts to make sure you truly get the most bang for your buck.

Gary Hayslip is responsible for the development and implementation of all information security strategies, including Webroot’s security standards, procedures and internal controls. As CISO, he also contributes to product strategy to guide the efficacy of Webroot’s security portfolio. He previously was CISO of the city of San Diego and held infosec roles with the U.S. Navy and the federal government. Follow Hayslip on Twitter @ghayslip or on LinkedIn.

Tags: Agents Cloud Service Providers MSPs VARs/SIs Best Practices Sales & Marketing Security Strategy

Most Recent


  • Layoffs
    Telecom-IT Layoff Tracker 2023: Cisco, RingCentral, Microsoft, 8x8, Sophos, More
    The onslaught of layoffs is bleeding over into this month.
  • Job Cuts
    January's Tech Layoff Scourge: Deep Dive Into Channel Impact
    We break down the seemingly daily layoffs impacting various companies doing business in the channel.
  • Zero Trust World Feature 2023
    Zero Trust World: ThreatLocker Hopes MSPs Get 'Smarter' About Fighting Attacks
    Zero Trust World is about deep diving into the threat landscape and knowing your enemies.
  • Layoffs
    Talkdesk Layoffs Impact Sizable Number of Workers, Former Employee Says
    Talkdesk did not provide reasons for the reduction in headcount, one laid-off worker said.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • USB drive
    A Coup and a Theft: Why MSPs Can’t Let Clients Get Lax About USB Security
  • Ransomware skull and crossbones
    JBS Did What it 'Needed to Do' with $11 Million Ransom Payment
  • hybrid clouds
    Nutanix, HPE Team on Hybrid, Multicloud via GreenLake
  • lone Arctic wolf
    Arctic Wolf Enhances Partner Program with 2 New Tiers

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

Telecom-IT Layoff Tracker 2023: Cisco, RingCentral, Microsoft, 8×8, Sophos, More

February 2, 2023

January’s Tech Layoff Scourge: Deep Dive Into Channel Impact

February 2, 2023

Zero Trust World: ThreatLocker Hopes MSPs Get ‘Smarter’ About Fighting Attacks

February 1, 2023

Industry Perspectives

View all

How to Break Through the Growth Ceiling

February 1, 2023

5 Things to Look for in a UC Partner

January 31, 2023

The Benefits of Hiring an Investment Bank

January 30, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

How To Boost Your Business With White-Label UCaaS

February 28, 2023

Security Secrets of the MSP 501: How to Be a Cyber Leader in 2023

December 15, 2022
  • 1

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

Day 1 of #ZTW23: @ThreatLocker hopes attendees walk away smarter about #zero trust and cybersecurity.… twitter.com/i/web/status/1…

February 2, 2023
ChannelFutures

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them dlvr.it/ShpCHp https://t.co/Av6eJmYnnF

February 1, 2023
ChannelFutures

Frost Radar: North American UCaaS Market, 2022 dlvr.it/ShpBhh https://t.co/KhiTCSoGRH

February 1, 2023
ChannelFutures

The Complete Guide to White-Label UCaaS for Reseller Success dlvr.it/Shp8lc https://t.co/SdMhek3KCk

February 1, 2023
ChannelFutures

.@splunk is laying off 325 employees, or 4% of its global workforce. The layoffs will take place mostly among emplo… twitter.com/i/web/status/1…

February 1, 2023
ChannelFutures

.@TDSYNNEXUK and MSSP @wearechorus to offer new managed security service to UK partners. dlvr.it/Shnd7n https://t.co/B0TZroBadL

February 1, 2023
ChannelFutures

RT @ChannelEurope: Learn from the UK's top experts in the channel this summer at #ChannelEurope, part of @LDNTechWeek! Happening at etc.ven…

February 1, 2023
ChannelFutures

.@RobTRae sits down for a 1:1 on his new gig at @Pax8 and reflects on his 9+ years at #Datto.… twitter.com/i/web/status/1…

February 1, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X