Protect your business with proactive cyber security measures

Don't Procrastinate on security measures: Protect your business with proactive solutions from Northdoor

31st December 2018Blog

Are you ready to get in touch?

Request a Call back

Don’t procrastinate on cyber security tasks

When it comes to network security program management, time is of the essence. Threats need quick attention, incidents require rapid response, and confirmed breaches must be dealt with promptly. Less urgently — but equally crucially — security teams must complete vulnerability and penetration testing, remediate issues uncovered during previous assessments, and roll out security awareness training.

As important as these security tasks are, they’re often put off or otherwise ignored in favour of more pressing matters. This is often due to unforeseen circumstances that are out of the organisation’s control, but just as often, it can be chalked up to pure, unabashed procrastination.

Procrastination is the enemy of security

Procrastination is an obvious barrier to security success because it puts the business at unnecessary risk. With so much day-to-day work to accomplish, the predictable fires to put out and so on, it’s easy to get distracted and put off what’s most important in your security program.

A lot of IT professionals have personalities that strive for perfection, and sometimes that means waiting for the “perfect” time to get things done.

As novelist Erica Jong once said, “We are so scared of being judged that we look for every excuse to procrastinate.” Even if it’s subconscious, putting things off is a way of taking yourself out of the spotlight. Still, time passes, and with all that goes on in security, that presumed perfect time never comes, and issues keep building up.

It’s human nature — and more fun — to try to address new things as they crop up. You know, those questions from your boss, the fun new project coming down the pike, the vendors showing up for their proofs of concept. But then reality dictates that you prioritise your security focal points.

Put together your security to-do list

Security to-do lists fall into predictable categories. Some things are nice to have, while others need to be addressed in the short term, and a select few items need to be done immediately. When faced with perceived risks, longer-term projects, and other things you know need to be done, ask yourself the following questions to determine where to focus your efforts best:

1.) What, exactly, needs to be done? Not fully understanding this can lead to problems from the get-go.

2.) Do you need to do it now? If so, get to work.

3.) Can you do it later? If so, how long can it wait? What resources will be required once you start so you can lay the groundwork?

4.) Can we put it off until later, perhaps indefinitely? You should probably wipe tasks that fall into this category off of the slate altogether or delegate them to someone else or another group outside of security.

For the latter three questions, you need to consider the short- and long-term consequences of not addressing the problem now. It’s up to you and your team to determine what matters most in the context of your business and your overall security goals. You cannot take this approach to security program management lightly. If you do, you’ll end up like so many others who both ignore the basics and assume nothing bad will ever happen to them.

Hold yourself accountable  

There’s always going to be uncertainty, and there will always be new things that create distractions. Don’t waste another minute thinking about where to start. The best way to progress is to get to work. Figure out what needs to be done, devise a plan and do what it takes to make it happen, including holding yourself and your team accountable.

Time will pass anyway; why not start fixing what you know needs to be fixed? Like German writer, Johan Wolfgang von Goethe once said, “The things that matter most must never be at the mercy of the things that matter least.” Don’t let procrastination facilitate an otherwise preventable security breach.

Written by Kevin Beaver, Independent Information Security Consultant


Related cyber security topics

Solution

Zero trust: a new approach to cyber security from Northdoor

Unprecedented threat levels demand a new approach to cyber security: a zero-trust approach wraps security around every element in your network.

Solution

Cyber Security as a Fully Managed Service

Trust Northdoor to protect your critical data assets, infrastructure, endpoints and users against cyber security issues from core to edge and beyond

Solution

Email Security Solution

Email security risks needs to combine technology with human aspects

Solution

Endpoint Detection and Response

Secure your organisation against cyber attacks across your diverse and constantly changing endpoints with EDR solutions from Northdoor.

Solution

RiskXchange AI-Enhanced Cyber Risk Management

Map your partner and client ecosystem to determine and manage your 360° cyber risk rating.

Solution

Security Threat Analysis Exercise

Receive a security threat analysis of your company, from Northdoor., covering all significant aspects of IT security and data protection.

Interested in our data security solutions?

Request a demo or contact sales on: 0207 448 8500

Contact us

Our Awards & Accreditations