If you were a bank manager and all of sudden one day armed and masked criminals walked in through the bank’s front door and demanded money, what would you do? I can think of a whole bunch of possible options, many of them suggested by countless action movies. The key point here is that you sure wouldn’t just sit there and do nothing. So why, as cyber criminals target your company’s IT infrastructure, are you just sitting there today?
Hey, you’re just an IT Leader right? You spend your days trying to get a team of IT professionals to work together to accomplish great things for the company, who’s got time to worry about cyber criminals coming in from the outside? Well guess what, just like preventing forest fires, stopping cyber crime is everyone’s job.
In most IT departments and the companies that they are part of, what’s missing is a company wide strategy for dealing with the twin issues of system security and regulatory compliance. One of the key reasons that we seem to do such a poor job of this is simply because nobody’s really been trained on what the best way to identify and classify risk is.
If you think about it, the threats come from a wide variety of different sources: smart international cyber criminals, angry ex-employees, and everyday user mistakes and gullibility.
The Bad Guys Just Keep Getting Badder
Every IT Leader needs to always be on the alert for things that just don’t seem right. It can be as simple as members of your team’s laptops not behaving in a way that they are supposed to or you receiving suspicious phishing phone calls.
The experts who study the ways of modern cyber criminals are telling us that the bad guys have recently really started to take it up a notch. They are evolving from the cyber equivalent of petty street crime to mob-like activities.
What’s going on now is that cyber criminals are taking over control of large numbers of PCs (creating what’s called a “botnet”) and then remotely commanding them to take synchronized actions that can do things like take down web sites. They take advantage of major news stories such as earthquakes and convince people to download software that then infects their computer.
What’s An IT Leader To Do?
Great, so the world is evolving and becoming a more dangerous place for IT Leaders to work and play, This naturally leads to the interesting question: what should you be doing about it?
As an IT Leader, you have a single way of making your company more secure: managing your IT team. You need to be doing the following three things: making sure that your team is constantly being trained and educated about the latest threats, restricting the types of applications and corporate data that each member of your team has access to, and finally making sure that when an employee leaves for whatever reason that you firmly lock all of the system doors after them.
What All Of This Means For You
IT Leaders already have a full plate of things to do. However, it turns out that the forces of cyber darkness continue to grow and become more dangerous to companies. This means that everyone has a role to play in keeping the company safe from outside threats.
As an IT Leader you have a responsibility to make sure that your team is part of the solution, not the problem. This means that you need to work with your team to boost their awareness of cyber threats and make sure that they don’t get tempted to harm the company.
By doing your part to secure the company against cyber criminals, you’ll be freeing your team from potential distractions and outages and in the end, you’re going to be making everyone more successful.
– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Management Skills™
Question For You: What do you think the #1 cyber crime threat is to a modern company?
Click here to get automatic updates when The Accidental IT Leader Blog is updated.
What We’ll Be Talking About Next Time
There probably isn’t a problem out there that couldn’t be solved by adding some IT to it. In fact, once you had done that, you could probably make that solution even better by adding more IT to it. At what point is too much IT considered to be too much of a good thing? IT Leaders need to be able to realize when enough is enough…