Somewhere along the line, it became common wisdom that the key to being a good dinner partner is to keep the conversation focused on the person you’re with, and then “be a good listener.” This was my intention when I got an invitation from my CEO to join him and the rest of the team at a dinner outing with one of our most admired partners Ricardo Uribe – CTO of CGNET. And I must confess, this assertion works perfectly for me and the rest of my team as we enjoyed every bit of the conversation with Ricardo.
Ricardo is the Chief Technology Officer at CGNET –A Technology consulting company based in California with over 100 clients across the globe. My company, Techspecialist Consulting Limited – a technology consulting firm with a speciality in delivering advisory, IT infrastructure, software solutions and training to help businesses work smarter and grow faster. We provide IT support services in Nigeria on behalf of CGNET to clients such as Bill and Melinda Gates Foundation and MacArthur Foundation.
Showing our foreign partners around the city and ending up with dinner is what we usually do, but with Ricardo last night, something stood out. Not sure if it was the grilled fish and wine, or it was the mood of the team or perhaps the guest of honour. But something was sure different, as my CEO opened the floor for us to converse. It was more like, we all had been waiting to share our ideas and thoughts with Ricardo. And I must confess I learnt a lot that I thought I should share here.
It’s something I am sure you know, or have heard about or even practising. It’s about Cyber Security. There is no gainsaying that the Security Maturity level of an organization is directly proportional to security skill, awareness, and governance across the entire organization. Of course, we cannot overemphasize the advantages of implementing a robust information security infrastructure. However, it is important to continuously re-evaluate and assess the vulnerability within your system. Yes, you’ve taken appropriate steps to make sure your network is protected from viruses, malware, and “bad actors” that want to compromise it. But the question is do you feel safe? If yes. Can you say the same of your staff or users?
The Nigeria communications week reported yesterday that the risks associated with cybercrimes topped the list of peril incidences that may likely hit the corporate world in 2020 and beyond. This is no lie, as it was evident in the past 3-5 years ago. We have seen how cyberattacks are evolving— 2 years ago it was WannaCry and Petya and last year it was exploits of Meltdown and Spectre. AV-TEST Institute has identified an average of 12 million new malwares each month for the last 12 months.
One would think that with new malware variants discovered each day, businesses should worry less about security breaches since their endpoints are secured with the right security controls. However, experience has shown that the major security problems in business are mainly a “people” problem, not a technology problem.
As Ricardo highlighted in our conversation last night, “the number one security risk is employee negligence.” He added that “employees are the weakest link in their efforts to create a strong security posture.” He emphasized that the best way to mitigate this risk is through effective, comprehensive training of users about information security.
Stepping a bit away from security awareness, we’ve seen a lot of companies throwing a huge amount of money into Technology investment instead of employing the service of experts to evaluate potential vulnerabilities in their defence as well as finding malware that may be implanted in their system.
At Techspecialist, one of our security offerings is Vulnerability Assessment, we go beyond traditional scanning, and attempt to exploit the weaknesses that are uncovered. Our approach is beyond the identification of potential threats, it includes confirmation of which threats are real and require immediate remediation. The first benefit of our vulnerability testing is knowledge, once you know the state of your network, the solution becomes easy. You can’t fix what you don’t know is broken!
The second benefit is to demonstrate how secured your network is. Organizations frequently undergo audits or compliance reviews, and it’s common for an auditor to ask for evidence that your network is secure. With us, now you have it!
We can’t overemphasize the importance of securing your data. While it is important to invest in user awareness, which we have identified has the potential to reduce the risk of information breaches. It is equally of utmost importance to carry out network security and vulnerability assessment, so you get right to the heart of the matter to know what’s wrong, where is it broken, what should I fix first?
Thank you for reading.