BradEgeland.com
  • Welcome
  • Blog
  • Expertise
  • Resume
  • Software / Service Reviews
  • Contact
  • Videos
  • Books / White Papers
  • Mentoring Contact Form
  • Awards/Recognition
  • Templates & Downloads
  • Clients
  • Professional Services
  • Past Survey Results

5 Things to Know About Cybersecurity on IT Projects

2/20/2021

0 Comments

 
Picture
Cybersecurity is an interesting topic – no doubt about it. But it becomes a scary topic if your organization falls victim to a vicious cyberattack that leaves your company's, your clients', or your projects' sensitive data affected or vulnerable. How you are prepared to react and respond may make the difference between no affect, a small affect, or one so costly and high profile it may bring down the company or cost millions to respond to and take corrective action against. If you've been following the large organizations that have been hit – you remember them well because you're first thought was probably “I wonder if I've been affected” because you either shop there, have done business with them, or it's your bank or credit card provider that was hit.


Now that I have your full attention – hopefully - let's consider and discuss what I consider to be five key things you need to know about cybersecurity for yourself, your company and your projects...


It's ok to start small. You don't have to plan out a major cybersecurity response team or infrastructure. Especially if you aren't currently experiencing a major cyber breach major event. What you do need to do is start somewhere and sometime and that time is right now. Whatever someone can do to hack you and your precious employee data or project data or project customer information has already been figured out but you haven't been targeted... yet. Either you aren't on a hacker's radar, or your data isn't important enough yet or whatever. Rest assured that at some point in the not too distant future you will be on their radar


Not if but when. Cybersecurity is not really about “if” you'll need to react, it's more about “when” you'll need to react. Nearly everyone and everything will experience some sort of theft, breach, infection, or infliction of cybercrime or cyberattack in the next decade... and probably sooner. 25% of my own clients – some of which are fairly small – have been affected by a cybersecurity issue in the past two years. The key is to be ready. Hopefully to mitigate, but since that may be futile, at least be ready to respond and fix and close holes and cleanup quickly. You don't need an army of experts to do this – hopefully – but it is best to have one or a few prepared in house to respond and maybe an external expert you've already connected with who could assist depending on the extreme need and available budget.


Read the books - info is abundant. There are books available all the time on cybersecurity. If you are looking to grow an internal staff starting with one or two, then social media and these books are a great way to start. Detailed, expert certification isn't necessary to begin with, just some knowledge, dedicated interest and materials – like books, videos, webinars, seminars, the annual Black Hat conference here in Las Vegas and other locations. All of these will help build awareness and knowledge in your cybersecurity startup staff. Great books, articles and other materials are readily available to help get your response team off the ground and ready – use them.


Start with a consultant. You may not need an expert consultant, but it would be a very good idea to connect with one in case you do. And maybe the expert consultant is the way to go if you're not able to hire or train any staff but would rather pay “through the nose” if and when the need to react to a cybersecurity incident happens. It's not cheap to get an air conditioner repair person on a Sunday in Las Vegas in July when it's 115˚ or a plumber at midnight, and it's not going to be cheap to get an external cybersecurity expert consultant after a breach has occurred. But that may be all you need and whether or not you ever call in an external expert consultant, it's a good idea to have the connection already in place.


It's not always about money. A breach will cost you. You will have to close up the loop somehow and work to ensure that it doesn't happen again. If it happened once it can happen many times. And maybe this time it wasn't about data or revenge or getting sensitive client info or financial info or ransomware. It isn't always about money that someone wants from you or data that they can sell to others. Sometimes you are a random target or it's just about the sport of getting into something you're not supposed to get into. But you must take measures because next time it may be about sensitive data or holding information for ransom. This may have been a test run for something much bigger later. So, the breach – if you experienced one – will cost you so patch it fast and figure out how to not let it happen again... to the best of your ability.


Summary / call for input


I wish I could tell you everything will be alright. True that most people are good, and you really only hear about the bad ones in the news. And there are many good hackers out there – trying to help organizations better prepare by exposing weaknesses and issues – and they are paid handsomely for it. But there are those hackers who are looking to thrive financially or just have fun at your expense. Eventually you are likely to be affected to some degree by one of these and taking some initiative now to be at least ready to respond is your best course of action.


Readers – what are your thoughts? Has your organization – or even your personal self – been affected? How has your organization prepared or responded to concerns of even breaches? Do they see they need to be proactive or just waiting to react as most organizations seem to be doing. Please share and discuss.



0 Comments



Leave a Reply.

    Author:

    Picture

    Brad Egeland


    Named the "#1 Provider of Project Management Content in the World," Brad Egeland has over 25 years of professional IT experience as a developer, manager, project manager, cybersecurity enthusiast, consultant and author.  He has written more than 8,000 expert online articles, eBooks, white papers and video articles for clients worldwide.  If you want Brad to write for your site, contact him. Want your content on this blog and promoted? Contact him. Looking for advice/menoring? Contact him.

    Picture
    Picture
    Picture
    Picture
    Picture
    Picture

    RSS Feed

    Archives

    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012
    February 2012
    January 2012
    December 2011
    November 2011
    October 2011
    September 2011
    August 2011
    July 2011
    June 2011
    May 2011
    March 2011
    January 2011
    December 2010
    November 2010
    October 2010
    September 2010
    August 2010
    June 2010
    May 2010
    April 2010
    March 2010
    November 2009

    RSS Feed

Powered by Create your own unique website with customizable templates.