Cybercrime is technological climate change. It is not a problem to be solved; it is a situation to be managed.
Becoming cyber secure requires cultural adaptability – only the CEO can lead that effort.
- Cybercrime is growing. It is not a passing fad. It will not go away. It will continue to become more pervasive. It will pose an ever-increasing threat. It will rain down financial costs and damage lives. Some of you will feel it as a mild tropical storm. For some, it will have the financial force of Hurricane Irma.
- It is not just big organizations that are targets. Everyone – companies of every size and all of us as individuals are at risk. One in every 131 emails contains malware. 50% of small and medium-sized businesses in the U.S. have reportedly suffered at least one cyber attack in the last 12 months. Yet most people still think it won’t happen to them – until it does. Over 40% of the victims of cyber attacks are small and medium-size companies. 60% of those companies don’t survive – they are out of business within 6 months of being attacked.
- Cybercrime is not a problem to be solved; it is a situation that must be managed, measured and marginalized. And you can do that, but…
- To do that requires cultural adaptability – the changes in awareness, behavior, and communication needed to succeed in this new worldwide reality.
- Achieving cultural adaptability requires more than management – it requires leadership. It can only be achieved when it is driven and led from the top – it must come from the CEO. Managers can execute specific strategies and tactics within their areas of direct responsibility. They cannot drive or be held responsible for complete cultural adaptation.
- How will you, as a leader, effectively master this challenge?
Some thoughts on how to begin to become cyber secure:
- Don’t fear cybercrime; prepare your organization to prevent, detect and recover from cyber attacks. The term cybersecurity does not mean, however, that you are completely impenetrable – it means that you are a “hard target.” Hard targets are not a criminal’s first choice.
- Know that cyber compliance – with the standards and procedures needed for data protection within the parameters of your information systems – is not the same as cybersecurity. Even compliance requires more than what IT alone can provide and manage. It requires policies, etc. beyond the scope of IT. Cybersecurity involves even more; it requires the kind of leadership that can command and drive your entire culture to new kinds of adaptive behavior.
- Talk to your IT personnel, both inside and outside your company. Make certain that they understand that you are not holding them responsible for all the pieces of the security puzzle. They can and should be held responsible, however, for creating a false sense of security by representing that they have the entire cybersecurity issue under control based solely on their knowledge about the data piece.
- Find the resources either from within your organization or from outside professionals who understand and can help you lead in the creation of required new cultural behavioral norms. Create the plan.
In the absence of leadership, the profound words of Peter Drucker will visit you: “Culture eats strategy for breakfast,” because if your culture and your people are not aligned and trained to see, think and act differently – no cybersecurity strategy will protect you.
If this resonates, spread the word. Share this article. Let’s make this a societal priority. Climate change is a motha, but we can prevail. Thanks.
Author: Bill Leider
Bill is a Managing Partner at Axies Group – a consulting firm, focused primarily on helping leaders develop Balanced Organizations, focused on Vision, Values, Values-driven leadership, Culture, Strategy and Greater Purpose. Clients range from Fortune 500’s to mid-size companies to start-ups in many industries He has also been the CEO of both publicly held and privately owned companies. His book: Brand Delusions looks at Brands from a holistic perspective and has been critically acclaimed. You can learn more about him at: www.axiesgroup.com.