Wisdom consists in being able to distinguish among dangers
and make a choice of the least harmful.
Machiavelli
Why do most executives relegate digital security to the bottom of the list and leave it to the technicians? Digital security requires specialized knowledge and there is no personal payoff. Have you ever heard of a CEO being rewarded for spending money to prevent a disaster that never happened?
According the Harvard Business Review (Article 4031), given the escalation in security threats, an arm's-length approach is unwise. You can not master every aspect of your IT systems. You can't achieve total protection. You can treat digital security like any other operational challenge.
-
Assess the business value of your informational assets.
-
Determine how vulnerable those assets are.
-
Tailor protection to your company's vulnerabilities.
-
Reduce risk to an acceptable level.
We tell business owners, "Don't be held hostage to technicians." We teach our technicians to minimize the "technical mumbo jumbo" and talk about risks and costs. Advise the client on the technology in a way that they can make informed decisions about risk management and budget.
The issue of earnings versus security is an issue of risk management. In regards to security, the CEO can not afford to respond to every security threat with equal aggressiveness. It is our job to work with you to do the following:
-
Access what security risks are most likely to materialize.
-
Identify which risks can cause the most damage.
-
Know the cost of mitigating the risk.
-
Know the potential cost of the damage.
Our technicians can access the security risks most likely to occur and provide estimates to mitigate those risks. They can also prioritize from a technology viewpoint. However only you know the potential cost of the damage, your risk aversion, and available budget to solve the problem.
