How do you know that you know enough about Cyber Security?
so you can answer the question:
How do you know that you've done enough?
The tricky bit is when an organisation has no I.T. department and relies on their I.T. provider to make them safe. That's assuming that the business has asked their provider to sort out their cyber stuff and that the provider knows how to deliver layered protection.
(Note - I'm going to try and discuss the next piece is with a light-hearted string of pithy sayings and a medical theme)
Some people suffer from a bad form of "You don't know what you don't know", others have a bad case of "A little knowledge is dangerous" and there is a general epidemic of "Ahh I.T. that's looked after by that I.T. guy".
All of which is exasperated when you have other conditions such as "apathy", "inaction", "confusion" and "outside my comfort zone". This can lead to other more serious conditions such as "Elephant-in-the-room'itus" or in latter stages, can mutate into "The Emperor's new Clothes".
When you also consider some people believe they have a little bit of "In the valley of the blind, the one eyed man is king" you can begin to see how much of a challenge this will be when you address the human component of Cyber Security.
Technical people are very good at technical things. For example, how many great engineers went on to become successful personal motivators / counsellors. I'm seeing a large gap between how techies explain Cyber Security vs how non I.T. literate user need it to be explained simply and in plain English.
To help address the very large amount of assumptions made around this subject within SMB, we have worked hard to develop a simple, friendly and effective Cyber Awareness Session for non I.T. people. This is even more critical for organisations that have compliance or regulatory challenges such as legal or finance businesses. Did I say that it was free, in case I didn't, here it is. It FREE.
If you’re interested, please have a look HERE for more details.
BE SAFE - STAY SAFE