Critical Business Strategy, Due Diligence, and Validation


I recently attended a conference around both Cyber Security and Business Continuity, and there was a recurring message: No matter how much you prepare, you will have some sort of Cyber Security event.

No matter how much you prepare, you will have some sort of network downtime.

No matter how much you prepare, you will have some sort of data loss at some point.

Here were a few of the statistics and observations shared by Rodney Petersen, Director or the National Institute of Standards and Technology (NIST)

  • Network downtime for a 50-employee company costs a national average $8,450.00 per-hour in loss employee productivity, plus loss of employee and customer confidence.
  • New European Union Cyber Security regulations charge up to a $5,000.00 fine for every file comprised due to Cyber Security leaks. The U.S. is proposing the same standards.
  • Without enterprise-level tools, the average malware introduced to a network goes 6 months before detection.

Cyber Security Awareness

Some of the notable points made by Robert Brown, Attorney at Law that specializes in trade, acquisitions and divestitures for US and foreign companies was that:

  • In the 2016, the largest single illegal transfer of wealth occurred due to cyber crimes, over $250 billion worldwide
  • Ransomware will continue to grow and will peak in 2019
  • Most insurance companies will not cover losses if the insured cannot demonstrate that they have deployed and tested appropriate industry standard solutions.

As a business owner, either executive or IT manager, have you considered your risk factor? Have you engaged a third party for a vulnerability assessment? Based on this, have you implemented remedial strategies? Have they been validated? Will they be reviewed on a regular basis?

Thoughts to consider:

  • It’s not about perfect security, it's about due diligence
  • Due diligence requires a full spectrum of counter-measures
  • Vulnerability assessments are a critical component of successful security programs
  • Understand that your organization is not as unique as you think it is

Given the inevitability or computer losses, you will be judged not by whether you were a victim of an attack, but how well you planned for it.”
Computer Security Institute


About the Author

mark-mcbee.jpgMark McBee is a 25-year IT industry veteran. He was a founding member of a $250MM National VAR and a managing partner and COO for a regional Managed Service Provider. During that time he was on the partner advisory boards of Lenovo, HP printing and Imaging and Okidata. He currently serves as Vice President of Managed Services/Cloud Services for V-Soft Consulting.

Connect with Mark on LinkedIn today.

Topics: Technology, Main, Security, Managed Services, Cyber Security