A tricky question, I know. We know that too much security will disable your organization and too little will make you vulnerable. So, where’s the happy medium?
“It is not about enough security, it is about enabling the right security.”
That tells us that we need to define who we are.
You need to ask yourself some questions:
- What do you consider being your crown jewels? You know, the data that is vital for running your business. Is it defined?
- Are you working in a vertical with regulations? Do you know how to be compliant?
- Do you have the right resources (people, processes and/or technology), either internally or externally?
Those are just an example of a few questions that you should consider. I can think of 200 more, but this is a good start. It gives you a push in the right direction to get closer to an answer.
Identifying your most valuable data not only tells you where you should put your effort, it should also tell you where you shouldn’t. And then, of course, you will find a lot of grey zones where you need to do something just so you can sleep well at night. You know, the data that you would survive losing but it would, in some minor ways hurt your business.
In other words, sort your data in these silos:
- Precious: You would lose your business if you lost it.
- Crucial, but not vital: Data that could cost you money or time if lost, but you would stay in business.
- Whatever: Data that is expendable. You would not notice if you lost it.
- Regulated: Data you need to protect because of regulations. Eg: GDPR.
Resources are for many companies the biggest challenge. Not having the experts, processes or the (right) technology makes it hard to come up with solutions that protect your data in a decent way.
So many words…but is there a way to
actually measure if I am as safe as I want to be?
As you already figured out…I will not give you ONE answer in this article. The reason is, or course, that there are as many answers as there are companies. We are all unique to some extent.
Be advised that there is a way to get an individual, spot-on answer that you can use as a unique guideline for you and you only. At SecureLink we help Europe’s leading security professionals navigate the complexities of designing an effective cyber security strategy fit for the modern world.
We call it SMA.
Security Maturity Assessment. With our tool you can see how your maturity score compares with competitors in your industry, as well as all other SecureLink customers.
Additionally, you can track and monitor how your own security maturity is changing over time.
The tool focuses on three features:
This is a really cool and powerful tool that is easy to deploy, and you can use your findings out of the box.
How do you know if you are good enough?
Take our SMA and you will know.
Read more about the assessment: www. securelink.net/sma/