Professional Documents
Culture Documents
Free Guide The CyberTree Paradox by Naveen Vasudeva
Free Guide The CyberTree Paradox by Naveen Vasudeva
Operational Resilience
Guide
For the Proactive CEO
This world is changing every millisecond, and with these new ways
of being exposed to unknown risks. Trying to keep up with what you
need to know as a business owner in all aspects of your business,
taxes, laws, and staff needs can be overwhelming. On top of this,
cyber security is sometimes a new language, mainly foreign to most.
A lot of CEO’s may not know where to start when trying to understand
how to manage their cybersecurity risk and treat is a business and
not a technology risk
Just as your brand and business financials are not just something for
your marketing team and financial director.
And as CEO and chief steward of the ship, it is your business to know.
At the end of the day, when things go terribly wrong - how will you
ensure that business can continue to operate? How will you ensure
that you don’t land your business into a legal or liability hotspot in the
unfortunate situation of a breach?
What would happen to your business
if all systems were suddenly shut down,
or your client data stolen?
I believe in a level playing field where you don’t need to have big
budgets or spend millions to get access to good cyber protection
for your business - where often the small and medium businesses
are the most exposed.
Regards,
Naveen Vasudeva
10 Operational Resilience Tips
For the Proactive CEO
Technology Busine s s Sh o p A r o u n d
Ack nowle dge m e nt
R ecognise se c ur ity a s
D o n ’ t s u r r e n d er to f ear
a busine ss r isk
Even worse, they were unaware the attack had taken place and
their IP had been stolen. It was not until months later they came
across their designs on the internet under development by another
nation state, and in production! Their lifelong ideas and hard work,
gone in just 60 seconds!
Many CEOs and business leaders make the mistake to relegate
cybersecurity to the domain of IT.
Ti p:
Align your cybersecurity strategy with your business
strategy and goals by….
a) understanding what it is you are wanting to protect
b) what value does your business information hold and
c) what impact would there be if that information was
lost, leaked, unavailable or corrupted
Ti p:
Make sure you are not the problem as part of the supply
chain by ensuring your own effective cybersecurity hygiene.
Cyber Essentials or Cyber Essentials Plus will not be sufficient
in moist cases.
Accept the fact that no matter how you view what your business
does, you are a technology business if you want to operate in the
21st century, which means you need to think like you are actually in
the 21st century. Don’t rely on your old ways of thinking,
“this will never happen to me” or “why would some target my business.
The answer is in the question - your thinking is outdated,
Technology drives everything, event if you are a 1 man band or
FinTech - your IP is what drives your business.
Ti p:
Technology runs everything. Have that at the forefront
of your mind when setting our your technology and
cyber security objectives to protect your business.
Ti p:
Bigger is not always better and brands vs no brands can
achieve the same objective so don't be a technology snob!
Ti p:
Security is a business risk, if you treat it as a technology risk
alone, you will never have a real insight to your cybersecurity
risk and threat landscape
Ti p:
Good cybersecurity advice should not break the bank, yes
its a specialist skill and in some cases can come with a
heavy price tag, be clear on what you want to invest and
work with people that can achieve that.
S top compari ng your bus i nes s ri s k s t o
oth ers or your cyber s ecur i t y pos t ure t o a
si mi l ar si ze d company!
Ti p:
Always hold up the mirror to yourself before you
compare your business to anyone else.
S hop A rou nd
Don’t accept the first bit of technical security advice you are given,
shop around, if you have hired an expert then LISTEN. If cost is your
main driver, just remember, in most cases you will always get what
you pay for, never assume you are getting more, that is a myth!
Security is based on contracts not goodwill.
Ti p:
There are over 9000 cybersecurity suppliers in the UK alone,
let alone the world, no shortage of technology that can help.
Be smart, do youtube research and challenge your advisers.
Is the best way to learn.
By that I mean educate yourself, be aware, at the end of the day it's
your business, you can't blame others or make the assumption it's
being done CHECK! Without being lame, you know what you know
and you don’t know what you don;t know - however, without being
informed correctly you will end up taking the wrong action - point in
case with where this phrase came from.
Ti p:
Being intelligence led in business may sound simple but in
most cases its not. Having the ability to see what is coming
is important, we forecast in business all the time, same
applies to security. The world moves at such a pace, be
on that train, rather than watching it go past you.
Don’ t su rren der t o fear!!!
Yes, for a long time anything cybersecurity related has come with
a lot of doom and gloom, whatever the issue is, has to be relatable
to your business. How will that impact you and do you have the right
processes, procedures and utilities in place to defend against, with
the right outcome for you? Fear does not work. It may be reactionary
and potentially some legitimacy in a technical call to action,
but measure it.
Ti p:
If anyone is attempting to sell you something based on fear,
sack them! There is no room for it, let it be based on fact
and impact to yoru business so you can make informed
and intelligence- led decisions.
In business, it is often the little things
that matter to us.
The acts one can implement today at low cost and build upon,
like policies, processes and internal procedures and assess
technically what will pay off in the long term.
It ensures that it is not just those in the know who will be protected, but
the average person walking down the street has peace of mind also.
With more and more small businesses on the rise, I want them to
have a good fighting chance to stay in business and not be crumbled
by a cyber attack they didn’t see coming.
Our advisory breaks things down into simple language to empower you
to make an informed decision on which risks need to be prioritised
and can be mitigated. Then supports you with implementing the
essentials to ensure those risks are addressed….
N a v e e n