Cyber Security vs Blind Faith
(“the belief or trusts in something or someone without evidence or logical reasoning”)
Keep Information Security Services
https://www.wearekeep.co.uk/wp-content/themes/keepinformation/img/logos/keep-purple-logo.svg
300
80
Keep Information Security Services
As we KEEP do more and more work around the world for corporations, government departments and CNI providers we’re seeing a recurring and worrying trend; Blind Faith.
Whilst some of this may be cultural, it can no longer be used as justifiable reasoning for the failure to secure core assets, understand the possible threats or at least implement basic protections.
Why?
If a number of individuals and/or departments are under the impression something is being dealt with or resolved, there’s an inherent blind faith that an “issue” is being addressed or is simply not a problem (at least not for them). The problem being is the inevitable hamster wheel of all believing someone else has it under control, thus “blind faith”.
Validate
This isn’t micro management. If you’re a relatively mature organisation (from a cyber perspective) then some frequent KPI’s and reporting should be available that highlight where issues are being addressed and that are held and any that simply can’t be done, alongside some sensible validations for anything that doesn’t sit right!
An immature organisation may not have such metrics available, or at least not regularly available. Even so, and even with resource or budget constraints, some form of validation, ownership or awareness needs to be in place. Even the smallest of steps equal progress.
Regardless of your organisation’s size, who can confidently say they have a good handle and insight to all areas of the following????
Small businesses; https://www.ncsc.gov.uk/collection/small-business-guide
Medium to large businesses; https://www.ncsc.gov.uk/collection/10-steps
It’s inevitable within nearly all organisations they’ll be area(s) lacking, which is perfectly understandable, but can you hand on heart say you understand these AND have a plan for resolution?
Who’s in the blind faith zone and when did you last question / validate a position and who’s in the high confidence zone??
If you’re struggling our consultants can help, even with validations of your proposed strategy for resolution. Speak to us today
Related articles
19th June 2024
https://www.wearekeep.co.uk/wp-content/uploads/2024/01/iStock-1223732386-500x214.jpg
SOC2 ISO27001 NIS2 Cyber Essentials
NIS2 vs SOC2
6th June 2024
https://www.wearekeep.co.uk/wp-content/uploads/2019/07/madhu-shesharam-HRA_VAi9_Nc-unsplash-500x333.jpg
cyber security projects
Important Questions to ask your Cyber Security Team or MSP
6th March 2024
https://www.wearekeep.co.uk/wp-content/uploads/2024/01/iStock-1479180033-500x281.jpg
Managed Cyber
Top Cyber Security Monitoring Questions to ask your Cyber Security Team or MSP
