Organizations seem to talk a lot about the ones and zeros of finance. Unfortunately, little is being shared on the ones and zeros of data of technology. When we do hear about technology, it’s usually when something has gone awry — at which point costs are likely to skyrocket.
Why, then, are so many organizations averse to talking about risk? Some will say: “If we talk about this, then won’t that give people ideas?”
Now is the time to facilitate fictional scenario-based, tabletops, or walkthrough exercises. These exercises exist to help ensure organizations are “making things real” of a worst-case scenario.
Imagination is there to help ensure the right people, process, and technologies can be in place to support an otherwise “unimaginable” event; whether it’s a cybersecurity breach, or an attack on critical infrastructure.
I’m reminded of the wise words of IT World Canada’s CIO Jim Love:
“If you have your first meeting with Information Security (InfoSec) the day that you’ve been breached, that’s the wrong opportunity to meet those folks within your organization.”
Jim Love, CIO of IT World Canada
If the events of late in Canada and across the globe have taught us anything, organizations of all sizes need to shore up their defences.
In the next 30 days, do your best to line up a #CyberCoffeeChat. Meet with those who would be part of what may be your future incident response team. Examples include security, communications, service desk, privacy, legal, and so on. Now is the time to engage with these individuals and teams, especially as we begin the shift toward hybrid work.
See for yourself how this simple act might just be the key to unlocking your organization’s cultural mindset; shifting from being risk averse to one which embraces imagination.
Why not go a step further by “find[ing] a way of routinizing, even bureaucratizing, the exercise of imagination,” as famously noted in the 9/11 Commission’s report?[1] This is critical, especially as we look ahead as to what might transpire amid the evolving geopolitical crisis in Europe.
“What’s the worst that can happen?” We might find the answer to that very question may lie in avoiding such risky conversations altogether. The world’s hopes remain for a peaceful resolution in Europe.
More Information
For more on this topic, check out the full clip from this week’s panel discussion for MapleSEC’s Satellite Series:
References
- National Commission on Terrorist Attacks upon the United States. The 9/11 Commission Report: Final Report of the National Commission On Terrorist Attacks Upon the United States. Access at: https://www.govinfo.gov/content/pkg/GPO-911REPORT/pdf/GPO-911REPORT.pdf (p. 344).
Disclaimer
The Information provided on this website is for general educational and informational purposes only. It is not meant to serve as professional advice. Further information regarding this disclaimer may be found on the General Disclaimer page.
0 Comments