So, why is Warren Buffett comparing cybersecurity to nuclear war?
Beyond even the IT industry, cybersecurity concerns are the buzz of the business community in the modern era. Warren Buffet even says that threats to cybersecurity concern him more than the threat of nuclear war. It’s with this focus that we give this succinct overview of a few of the building blocks of a successful IT security process with a few descriptive comparisons
Gauging Vulnerability to Cybersecurity Threats vs Automotive Inspections
Before you go on a cross-country trip, it is a good idea to have your car looked at by an automotive technician. Why? A professional technician will be able to identify problematic issues with your car before you’re potentially left stranded in the middle of nowhere. It’s with this notion of preventive analysis in mind that businesses should consider in-depth cybersecurity assessments of their IT systems. An exhaustive analysis of network systems will identify vulnerabilities and help them develop the best cybersecurity plan.
Step 1: Cybersecurity Threat Response Strategy vs Cruise Liner Emergency Drills
If you have ever taken a vacation on a luxury cruise liner, you’ve experienced a safety briefing before the festivities began. During these drills, everyone on the ship is educated on what to do in the event of a crisis on board the ship that requires evacuation. Typically everyone knows where to locate a personal floatation device and is assigned a muster station where they can board an emergency lifeboat. Just like these “in case of emergency” briefings, your business needs to have a strategy established for limiting lost data and system breaches in the event of a cybersecurity attack. Not only is this strategy just good business sense, but will also help ease the anxieties of business stakeholders and shareholders who have invested time and money into a company.
Step 2: Enacting Cyber Threat Detection & Prevention Strategies vs Airport Security
Walking through airport security, one will notice an increase in security measures. Whether it is a thorough screening of every passenger allowed anywhere near an airplane to scanning passenger luggage, measures are taken to ensure the safe travel of expensive aircraft, their passengers, crew, and the skies in general. When businesses fail to employ threat detection and prevention strategies to protect their systems, their extremely valuable data are subject to theft and loss. The equivalent of an organization without prevention and detection protocols in place would be an airport without any passenger screening or even possibly flight safety checks. In the same way, an airport without proper safety protocols would deter passengers and make flying dangerous, a business without established IT security threat prevention and detection plan would increase the vulnerability of data.
Step 3: IT Security Among a Remote Workforce vs An Armored Car Crew
If you have ever seen an armored car unloading cargo, you will notice a few unique details. Firstly, you will notice that the vehicle is outfitted with small, thick windows as well as thick plating throughout. Secondly, you will notice that the crew loading the cargo are outfitted with not only bulletproof vests but also accessible firearms. All of these attributes are necessary because the armored car crew is transporting large sums of cash and other valuables to various locations. With armor to protect the cargo and deter would-be thieves, the risk of having the cargo stolen is significantly decreased. Just like the armored car crew has taken measures to ensure the safe transport of valuables, so too should businesses employ measures to ensure the safekeeping and flow of data for remote employees.
Personal records, business information, sensitive research, and other data is extremely valuable to cyber thieves. Because remote employees require access to this data from wherever they happen to be working, establishing cybersecurity protocols for remote workers is the equivalent of properly outfitting armored car personnel. When organizations fail to take adequate security measures regarding remote employee access to data, it is the equivalent of an armored car crew transporting their same cargo without any protective measures in place.