Cyber Security Approach

A Pen or Pencil Cyber Security Approach

SHARE

There is no question that businesses need a robust Cyber Security approach — the ongoing attacks against businesses of all sizes, and even high-profile individuals like Facebook owner Mark Zuckerberg, make that clear. But do companies have the right Cyber Security approach??

In general, there are two basic ways to model a Cyber Security approach: with a Pen or Pencil strategy. Think of it this way — when something is recorded in ink, the decision is permanent. A choice is made and the decision is locked in. On the other hand, when a pencil is used, there is room for improvement even in a long-term commitment.

If a business owner wishes to take the Pen approach and lock in the initial Cyber Security approach, which may be fine. But if they want the option of adjusting their Cyber Security decisions at some point in the future, with the Pencil approach, erasing their existing controls and making adjustments with proper change controls will be a fairly simple task.

The decision between the Pen or Pencil strategy for a Cyber Security approach carries profound consequences. It is the choice of whether you will lock yourself into a set of security practices and forget about long-term strategy or remain flexible and respond to new events. This issue is particularly important now as cyber threats become more sophisticated and attack a wider range of targets with a broader array of techniques.

Cyber Security Approach – The Pen Approach

Despite this growing danger, some business owners prefer the Pen approach. They believe the Pen approach allows them to focus on growing their company instead of diverting valuable resources and their attention to IT issues. Expenses may also be an issue. Since some business owners view Cyber Security as a cost center and do not want to pump in more than the bare minimum of funds. For that matter, it is not unusual for an internal IT department to adopt a kind of “lay low” mindset in the interest of self-preservation. If the IT department is not seen, it is less likely to be scrutinized during a round of budget cuts.

But before a company adopts the Pen approach and locks into a cyber-protection track, some implications should be considered. One issue is that communications with the IT service management or internal security team will be reduced since the Pen approach removes opportunities to make changes to a security protocol. Consequently, the Pen approach constricts a business’ ability to adjust protocols to comply with evolving best practices and Cyber Security solutions. The Pen approach may align with a person’s personal risk profile, but is an issue when a business is subject to regulatory guidelines requiring updates.

Additionally, the Pen approach to Cyber Security approach cannot scale with the growth of a business. As a company grows more complex, the potential exposure to hackers and other bad actors increases — and if the Cyber Security plan that lags behind a business’ growth will result in digital protection gaps.

Cyber Security Approach

Cyber Security Approach – The Pencil Strategy

In contrast, the Pencil strategy offers flexibility. It enables IT responses to adjust to the real-time environment as a business grows and as cyber threats evolve. An effective Pencil approach utilizes a combination of firmness — with a commitment to updating, reviewing, and modifying security policies as needed — while remaining flexible enough to recognize, understand and respond to issues regarding new information, new or changed requirements, emerging threats, and updated solutions.

Instead of freezing Cyber Security or IT support services at a single point, the Pencil approach applies the best practices. It constantly processes improvements, ongoing system audits, and tests while also checking for patches and upgrades when necessary. The Pen proponent will remain happy for a time, ignorant of emerging cyber threats until something bad happens. But once a breach occurs, the cost to fix the damage under the Pen approach will cost a lot more than being prepared to begin with.

eCare SOC Security Monitoring

Security Operations Center 24x7x365

MXINSPECT Email Defense

Complete Defense Against Today’s Email Threats

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Coming Soon On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories