Here is a quick lesson on how to run your organizations cybersecurity starting with the two most important laws of cybersecurity.
Law No. 1: If There Is a Vulnerability, It Will Be Exploited
Law No. 2: Everything Is Vulnerable in Some Way No matter what the concerns or problems are regarding cybersecurity, they all stem from a vulnerability of some kind, whether it be human, process, technical or other.
We need to understand our vulnerabilities and we need to understand what risks those vulnerabilities expose. Once we understand those risks, we need to determine whether we can accept, remediate or transfer that risk (via cyber Insurance) and most importantly we need to understand this in economic terms, so we can prioritize our remediation activities based on financial impact.