https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • EMEA
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 501 Reports
    • MSPmentor Education
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • Awards
    • Back
    • European Partners 51 (EP 51) Awards
    • Excellence in Digital Services
    • MSP 501 Rankings
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Industry Events
    • Webinars
  • More
    • Back
    • About Us
    • Advertise on Channel Futures
    • Contact Us
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • EMEA
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 501 Reports
    • MSPmentor Education
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • Awards
    • Back
    • European Partners 51 (EP 51) Awards
    • Excellence in Digital Services
    • MSP 501 Rankings
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Industry Events
    • Webinars
  • More
    • Back
    • About Us
    • Advertise on Channel Futures
    • Contact Us
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Shutterstock

Cybersecurity

Cybersecurity: How Can I Get the Most Bang for My Buck?

  • Written by Gary Hayslip
  • November 8, 2018
Our latest "ask an expert" explores the three most effective things to do to improve your organization's security.

Q: To get the most bang for your buck (and efforts), what two to three things can you do that positively affect the cybersecurity posture of most organizations?

This question comes to us from Mat Kordell, chief technology officer of The Altus Group, a provider of software, data and technology-enabled services to the commercial real estate industry. In today’s world where security resources and expertise are limited, it’s no wonder this is one of the most common questions he hears from customers.

The increase in cybersecurity attacks over the past several years has prompted organizations of all sizes, from small, mom-and-pop shops to massive, global enterprises, to take a deeper look at the current cybersecurity protections they have in place and ramp up their tool kits where needed. Here are my top three tips to level-up your security posture and get the best return on your investment.

Forget the ‘Weakest Link’ — Train Your Team

An organization is only as strong as its weakest link. Often, employees are left to take the blame when it comes to cybersecurity threats. However, it’s imperative that companies take a good look in the mirror to see how they are educating their employees on the proper tactics and skills needed to avoid potential threats to their organization. Much like how a child shouldn’t be punished for disobeying rules of which they’re unaware, your employees shouldn’t be punished, either. Data breaches are in the news every day, which has pushed the topic to the mainstream, but it is unfair to assume that every employee is up-to-date on best practices. 

For example, phishing scams remain a tried-and-true tactic for malicious actors because they prey on human nature. Whether it’s just from curiosity or a perfectly tailored scam, eventually someone will fall prey to a phishing attempt. To combat this, organizations must empower their employees with continuous cybersecurity training to stay up to date on the latest threats and trends. At the end of the day, it’s up to companies to keep themselves protected.

A recent survey of small- to medium-sized businesses (SMBs) found that businesses are taking cybersecurity seriously, with nearly 100 percent of respondents conducting employee cybersecurity training in some form. However, despite these efforts, the report also notes that roughly 79 percent say they aren’t completely ready to manage IT security and protect against threats.

The survey also found that only 39 percent continuously train employees on best practices, and 36 percent only train employees once, either during onboarding or after a security breach takes place. To truly get the most bang for your buck with security training, employees need ongoing training throughout their tenure to feel educated and empowered, and ultimately to keep your organization’s digital assets secure.

Security: It’s a Culture Thing

Create a culture of security within your organization. That’s another one of the best ways to get the most bang for your buck in security and it’s a move that should be done in tandem with any formal security-awareness training you may have in place. No matter the size of your business, any unexpecting employee can fall victim to a phishing email, from investigating a deal that was too good to be true to simple curiosity. By creating broad awareness of the dangers of today’s new threats, instilling the concept that security belongs to everyone at the company, and providing education on safety tips and best practices, organizations can avoid a lot of potential damage.

For example, during onboarding, cybersecurity training should be mandatory for all new employees to give them a better understanding of the threats their new company faces and how best they can help to keep the ship above water.

Down the line, their security education should continue with ongoing security-awareness training, updates, blogs and even lunch-and-learns. Organizations should make it a point to share ongoing tips and tricks to help employees maintain their best practices. It’s also effective to have small contests, such as where a fake phishing email garners a prize for the employee that forwards it to their IT department. These small tokens keep employees on their toes and knowledgeable at the same time.

Skip the Discount Solutions

One size doesn’t fit all. Naturally, everyone is looking for the best deal while shopping for cybersecurity products. However, it’s important to remember that shopping for cybersecurity can be similar to shopping for clothes – one size doesn’t always fit all. Unlike holiday shopping, that coupon-clipping, discount-hunting mindset won’t always lead to success.

As a CISO I have learned the hard way that simply shopping for the lowest price doesn’t fit the needs of my organization or my security program. In looking for solutions to add to my security stack, it’s important not to be distracted by the newest, shiniest thing. Instead, as the CISO, do your homework to ensure you understand the business operations and strategic goals of your company.

Once you’ve aligned your security program to support the business and completed business impact assessments, you will have a list of security controls and initiatives that need to be remediated. This list of initiatives is a foundation the CISO uses as a road map to review current security technologies and identify new ones that can upgrade an immature security control.

Have the problems you are trying to resolve in mind when shopping for technologies. That way you choose solutions that integrate smoothly into your current security platform, ones that solve several issues that need to be addressed and ones that share data with your current security solutions. That sharing enables a clearer view of anomalous incidents that need to be investigated.

When looking at new technologies it isn’t about the cost, it’s about how well it integrates into your platform and the data it provides, so ultimately you (as a CISO or other decision maker) can make informed decisions to protect your company and its operations.

*Bonus tip: Hire a CISO. To be successful in preventing data breaches and thwarting potential threats, it’s crucial that organizations have the right people in place with the appropriate expertise to make the decisions as to which products and practices will best suit their needs. This is where appointing a skilled CISO, a chief information security officer, or CSO, a chief security officer, comes into play. Their knowledge of the current threat landscape is integral to understanding what solutions and tactics are best suited to keep the company safe and avoid a major security incident. As a CISO myself, I might be biased, but it’s vital to have someone at the helm of your company’s security efforts to make sure you truly get the most bang for your buck.

Gary Hayslip is responsible for the development and implementation of all information security strategies, including Webroot’s security standards, procedures and internal controls. As CISO, he also contributes to product strategy to guide the efficacy of Webroot’s security portfolio. He previously was CISO of the city of San Diego and held infosec roles with the U.S. Navy and the federal government. Follow Hayslip on Twitter @ghayslip or on LinkedIn.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Best Practices Sales & Marketing Security Strategy

Related


  • International Data Corp IDC has predicted total spending on cloud IT infrastructure will grow 24 percent and exceed 32 billion this year ProfitBricks said the demand for cloud infrastructure services may continue to grow in 2016 and MSPs couldnbspsee cloud infrastructure services asnbsphaving the highest growth potential among cloud services
    Secrets to Sustainable Growth – for MSPs, by MSPs
    Chapter 2: Maximize Your Profitability Channel Futures – with the backing of MSP-enablement platform provider Continuum, a ConnectWise Company, and a multitude of successful MSPs – is back to supply you with chapter 2 of our three-part eBook series on helping MSPs run better and smarter businesses. In this instillation, we pick up after MSPs […]
  • Hear, Listen
    AWS re:Invent Day 3: What Partners Wanted to Hear
    That, plus new products and services from Fortinet, Aruba, Barracuda and Digital Guardian.
  • Vice President
    Zerto Looks Inward for New VP of Americas Sales
    Chris Nelson takes the sales executive spot of Coley Burke, who moves up to become Zerto's new chief revenue officer.
  • Project manager speaking at diverse meeting sharing creative ideas telling opinion at group briefing
    The Importance of Strengthening Your Cyber Security Culture
    While a true culture change within an organization can take years, cyber security culture can’t wait that long.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Linux Foundation Offers Sale Prices on Open Source Training, Certifications
  • Channel Futures MSP 501 2019 EMEA Survey & Report
  • When Worlds Collide: Telco Agents Can Sell Managed Services
  • AWS re:Invent Day 2 News Includes Highly Anticipated Outposts Release for Partners

Galleries

Images: Channel Evolution Europe Featuring Avant, 8×8, Sophos, CenturyLink, More

December 5, 2019
view all

From the Industry

The Importance of Strengthening Your Cyber Security Culture

December 4, 2019

Don’t Let Lack of HIPAA Compliance Make Your Business Sick

December 4, 2019

Using ADR to Help Secure Your Business First

December 4, 2019
view all

Webinars

How Your MSP Can Deliver the Ultimate Customer Experience

December 10, 2019

Edge of Tomorrow: Network Security in the Age of Data-Driven Business

December 11, 2019
view all

White Papers

Secrets to Sustainable Growth – for MSPs, by MSPs

December 4, 2019

Why Managed Security Presents A Golden Opportunity for MSPs

November 26, 2019

The Ultimate Guide to On-Site Managed Services

November 26, 2019
view all

Events

Channel Partners Conference & Expo

March 9, 2020 - March 12, 2020
view all

Videos

FASTCHAT: Why an MSP Needs to Extend Detection and Response Beyond Endpoint Security

October 22, 2019

Ingram Micro: It’s Up to Our MSP Partners to Keep Clients ‘Out of the Headlines’

October 14, 2019

Liongard: Here’s How We ‘Roar’ for the MSP Community

October 14, 2019
view all

Twitter

ChannelFutures

An increase in the use of #collaborationapps may be making employees more productive, but just like #email there's… twitter.com/i/web/status/1…

December 5, 2019
ChannelFutures

#Datastorage vendor @WekaIO launches its inaugural channel partner program to drive AI and ML storage.… twitter.com/i/web/status/1…

December 5, 2019
ChannelFutures

Look for vendor red flags as you evaluate #datacenter #hardware performance and cost, says @GetInterconnect.… twitter.com/i/web/status/1…

December 5, 2019
ChannelFutures

Great pics here from the inaugural #EvolutionEU feature @Avant_CCC @CenturyLinkBiz @8x8 and more.… twitter.com/i/web/status/1…

December 5, 2019
ChannelFutures

Are you ready for 2020? The new year is just weeks away and @Gartner_inc has come out with the top #techtrends for… twitter.com/i/web/status/1…

December 5, 2019
ChannelFutures

.@Flashpointintel rolls out new MSSP capabilities. #cybersecurity dlvr.it/RKjtR0 https://t.co/7biipPzz1h

December 5, 2019
ChannelFutures

.@AppRiver sheds interesting insights into how SMBs feel about cyber threats. dlvr.it/RKh5LH https://t.co/fpGTvBymUm

December 4, 2019
ChannelFutures

#Oracle is back in court to register its protest against the method by which #DoD is awarding its coveted, $10 bill… twitter.com/i/web/status/1…

December 4, 2019

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Cookie Policy
  • Privacy
  • Terms
Copyright ©2019 Informa PLC. Informa Telecoms & Media Limited is a company registered in England and Wales with company number 00991704 whose registered office is 5 Howick Place, London, SW1P 1WG. VAT GB365462636. Informa Telecoms & Media Limited is part of Informa PLC.
✕

channel futures Logo

Want to stay updated? Sign up for our Channel Futures newsletters today.

Websites are now required by law to gain your consent before applying cookies. We use cookies to improve your browsing experience. Parts of the website may not work as expected without them. By closing or ignoring this message, you are consenting to our use of cookies.
X