HR Jetpack

Defining Security

This video is premium content

Register or sign in to gain access.

Lesson:

Defining Security

Lesson Content

Take a moment to think about how you and your organization approach the idea of being secure. What makes your staff and data safe from threats? Too often, I hear the justification of “well, we’ve never had a problem.” Therefore, they wrongly assume, “we must be doing a good job”. Or “we must be ok”. Many companies are led by the misguided notion that they can address a problem once they are affected by one, but until then they must be safe.

That same naive tone is common among individuals regarding their personal data. Some people will think, “I’ve never had my identity stolen, email compromised, or a problem with my computer and therefore I must be safe enough.”

The problem is that we haven’t publicly set a good standard for people to refer to when it comes to security. What does being safe online look like?

A common dictionary definition of security would be: “the state of being free from danger or threat.” On the internet however, that really isn’t a realistic standard to hold ourselves to. As I have already said, there is no such thing as invincibility on the web.

The goal within cybersecurity should be to take every reasonable precaution your organization can afford, both in terms of budget and effort, to protect against likely threats. Organizations with strong cybersecurity acknowledge the need to provide layers of protection and support to cover against the wide range of modern threats. According to a November 2016 survey of IT professionals: “81% of organizations use between 2 to 10 security solutions to cover mobile, cloud, and physical systems.”

A secure company is one who actively attempts to detect and prevent incoming attacks, regularly and redundantly backs up data and systems and trains and informs staff on a monthly basis to make them aware of new threats, and to reinforce best practices.

As with all things in life you can do everything you should and fail anyway, and you can do nothing and get away with it. The key takeaway from this course should be the ability to analyze what you personally, and your organization as a whole are doing for security to determine which risks may remain that you can address.

Michael Wilson

Instructor:

Michael Wilson

Michael Wilson works with small businesses to build and protect their brands online. He is an IT Generalist whose primary services include: Web Design & Development, Cybersecurity Consulting & Training,...

Michael's Full Bio