6 questions every CEO should ask about cyber security

Online presences are ever growing, but one element of online growth that isn’t increasing at the same rate is the knowledge and awareness of cyber-security. It’s vital all business organisations, large and small ask the right questions when initiating the conversation on how best to implement online security techniques within the business.

What is cyber-security?

It is the protection of hardware, systems and data. Cyber-security is something that affects everyone, the sheer panic about leaked photos and lost data can turn even the most laid back individuals into worriers. This is because people want to trust, and to be trusted. This applies to everything connecting online from an individual’s smart TV, smartphone, laptop and most importantly the businesses they interact with and by default, hold personal information on them.

So, what are the CEOs of many multi-national companies doing about it? Well, data security can either make or break a business, and many recent scandals in the news whereby personal emails are hacked and customer accounts are broken into seems to be a recurring theme in the media. Here are the top six questions every CEO should be asking themselves about cyber-security…

The initial question, should you be identifying the risks?

We know what you’re thinking, that’s obvious, but you would be surprised how many people don’t know the actual risk, even if they are the CEO. So, how to discover this? Well, we would suggest using the National Institute of Standards and Technology. They have simple step-by-step guides to help identify, mitigate and prevent cyber attacks from occurring.

How do you know if you have every possible source of cyber attacks covered?

Cyber-security is new, it only came to fruition in 1991, thus making it a major obstacle to overcome for a business dealing with personal information when new breaches and weaknesses are emerging every day. Cyber attacks can originate from terrorist organisations and experienced hackers to computing wiz-kids in their bedrooms, hence why cyber-security needs to be constantly evolving with growing threats. Engaging and measurable training programmes for your staff, namely eLearning is a necessity when it comes to business security.

Who do we need to train in cyber-security?

Training is vital for all employees yet it can be costly. You might be reading this as a CEO thinking you don’t want to spend any more money on learning and development, but you have to ask the question: what happens when a huge security error occurs as a result of untrained or misinformed employees? This can often result in making the business look unprofessional, untrustworthy and dishonest in their promises of personal data protection for customers.

Security breaches can cost the entire reputation of a business, which may not be recoverable customers are nervous about their personal information being leaked again in the future. Once it has happened for the first time, will they just look elsewhere for using your products or services? With all this being said, it’s wise to consider the long-term savings of both money and commercial reputation by investing in the learning and development of your staff.

Are all of your employees willing to jump on board?

As we have established, cyber-security is one of the most important factors of your company’s overall reputation, so if your staff aren’t on board with the importance of security training, then it is vital you address this, as it only takes one case of human error for catastrophic results. Everyone in the organisation needs to be following the policies and procedure to ensure that the utmost security is kept at all times. It is the role of the CEO to ensure employees are taking the absolute correct actions when it comes to security, as when breaches do occur top level management are often to blame in the media, despite most likely not being directly involved in the security breach.

How to protect company personal information?

A business’ personal information on its employees and customers is paramount to its reputation and competitiveness. Data leaks would not only compromise the trust element in the eyes of the customer, it would also leak this information to competitors. This information could easily include patented technologies and solutions, upcoming business ideas and the framework of USPs that make customers come to you rather than other players in the marketplace.

Are new ventures secure?

CEOs are always looking for the next big thing which is what makes them who they are, but virtual security, which isn’t usually the main focus now needs to be carefully considered in relation to new business partnerships. Another question that a CEO needs to ask themselves from time to time is whether the relevant intellectual property is protected under the management of new professional partnerships. If not, they may as well back out of that next big deal with a client that is not cyber-secure, especially if that new business partner is critical to their overall success of their own company.

Overall, we would suggest that if you are a CEO and are not sure why your cyber-security team is demanding extra funding, then look at the facts that matter – 60% of SMEs actually go out of business after suffering from a major cyber attack. MyDoom, a worm spread via email has caused 38.5 billion dollars worth of damage and 99% of computers are vulnerable to exploit kits.