
A 5-minute read explaining the 5 questions every business executive should be able to answer about their cybersecurity

Cyber risk is now acknowledged as something that doesn’t belong in an IT backroom alone. The impact of cyber incidents on the business bottom line and brand reputation has quickly become apparent over the years. If there was any doubt, it has been dispelled overwhelmingly by the COVID-19 pandemic and its effects on global cyber resilience.

However, cybersecurity now needs to evolve from being an acknowledged business risk to a risk that is actively addressed by a business’s overall strategy, culture and budget. Before a business undertakes grand plans to address its cybersecurity requirements, there are some basics that every executive and decision-maker should know. Here are some questions that every business executive should be able to answer about their business’s cybersecurity and security infrastructure:

1. What are the Critical Assets that need maximum protection?

This is a great first step towards building any sort of organisational cyber-resilience. It is quite simple: how can a business leader protect an asset she doesn’t know she has? Critical assets, or ‘crown jewels’ as they are called in cybersecurity parlance, are those assets which are indispensable to the business and its smooth functioning. An attack on these assets can mean that the business will come to a screeching halt. Therefore, identifying such assets and having a consensus about their criticality amongst the members of the management is absolutely essential.

2. Who are our threat actors?

Once you know what your critical assets are, you also need to know who could possibly be out to attack them. Identifying threat actors can give business executives clear insights into what their capabilities and modus operandi might be, and these insights can prove to be invaluable when the management is designing a cybersecurity strategy and budget. Common threat actors could include cyber-criminals who may attack your crown jewels for monetary gains, disgruntled employees with a personal agenda to destroy your brand reputation, careless or untrained employees who may accidentally click on a malicious email and jeopardise the security of the entire business network, nation states, etc.

3. What is an Incident Response Plan & do we have one?

Today, it would be wise to work under the assumption that your business will probably get attacked at one point or another. The question business executives then have to ask themselves is this: do we have a solid plan of action in place for when an incident occurs? A Cyber Incident Response Plan is a clear set of processes and procedures an organisation must adopt in the event of an attack to mitigate the damage that the malicious actors can cause. At a bare minimum, every organisation must have such a plan in place, one which ensures that the legal fallout of an incident can be minimised and lays out clear guidelines for communicating with stakeholders in the event of a crisis.

4. What is a SOC & what model is right for the organisation?

Well-informed business executives should ideally be aware of the basics that go into building a SOC, or Security Operations Centre. A SOC is a centralised unit that deals with security issues on a technical as well as organisational level. It also monitors the incoming security data on an ongoing basis. Different organisations may choose to work with different SOC models: in-house, outsourced or hybrid. What business executives must know is which SOC model is right for their organisation, what the current model is and what the organisational expectations from the SOC are. A SOC is more appropriately called an MDR, or Monitoring, Detection and Response Centre.

5. What is Threat Intelligence?

Threat Intelligence is validated and contextual guidance about an existing or potential threat to a business. Good Threat Intelligence can enable business executives and management to take the right decisions to manage cyber-risk better and take timely actions where required. A savvy business executive must know the value of good Threat Intel, how to procure it and how to act upon it.

About Cyber Management Alliance

Founded in 2015 and headquartered in London, UK, Cyber Management Alliance Ltd. is a recognized, independent world leader in Cyber Incident & Crisis Management consultancy and training. The organisation is renowned globally as the creator of the flagship Cyber Incident Planning and Response course, certified as part of the UK Government’s National Cyber Security Centre Certified Training Scheme.

Cyber Management Alliance has serviced over 300 enterprise clients in multiple verticals including government, banking, finance, IT, consultancies, healthcare, oil & gas and retail across 38 countries. It has established its leadership by assessing, building and improving its clients’ Cyber Incident & Crisis Management capabilities through training, tabletop exercises, health checks and audits. 
