What is the value of your company’s data?
If you are a business owner or leader, chances are that you want to grow the organization, gain market share and reach other business targets. Your data is one of the most critical and valuable asset to your organization, but investing in risk management seems like a distraction and a waste of resources. You’ve made it so far, so why change something that’s been working fine until now?
Five Questions:
1. Besides your own proprietary information inside your organization, what sensitive, PRIVATE data does your organization hold for:
- Your Clients?
- Your Employees?
- Your 3rd Party Suppliers?
- Your Patients?
2. What is the value of that data (to you, to cyber criminals, to stakeholders)?
3. What is your DUTY OF CARE (legal and moral) to your clients, employees and suppliers that put their trust in you to keep their private data safe?
4. What is the cost if something were to go wrong with your data to your REPUTATION, your FINANCES, your STRESS LEVELS?*
Your clients and other stakeholders expect and assume that their sensitive, private information is kept confidential and safe. The best way to reduce the likelihood of a data breach and minimize the severity of its consequences is to build your company’s security from the ground-up, right from the beginning. Most often though, this is not the case. If you’re like most organizations, you are in a situation where you will have to retrofit a cyber security program.
1–10–100:
If we use a scale of 1–100 to categorize cost-severity levels, building security countermeasures into the organization from the start is the lowest cost at level 1 followed by the retrofitting category at level 10. The unpleasant and potentially catastrophic alternative to both level 1 and 10 is level 100: a security breach of your most valuable and sensitive data — your organization’s crown jewels.
The final question:
5. Do you have a plan to BUILD PROTECTION around all the CRITICAL POINTS in your organization so that you can move forward with confidence, achieve your targets and succeed?
If you want to grow your market share, reach your business goals or just simply be able to maintain your everyday business operations and survive, then cyber security makes good business sense.
- In a future note, we will be talking about what it will cost you to not answer these questions. For now, here are three things to think about in the meantime: Notification costs ($), post data breach costs ($$) and costs in lost business ($$$).
Dominic Vogel — Chief Security Strategist
