You’re a small business who realizes the importance of cyber security. You want to do what you can to make sure you’re protected and prevent potential problems from happening later on. You already have an IT team, but you’re aware that IT and the need for cyber security are very different things.
But, does your IT team know that?
Perhaps yes, perhaps no. Either way, it’s about time you have that conversation with them, discussing the need for a separate cyber security approach. Maybe you’re afraid the conversation may be a bit awkward or uncomfortable. After all, you don’t want your IT team to feel as though they’re not doing enough, or their work is worthless. In fact, you want them to know just how important their role is when it comes to protecting your company from data breaches.
So, here are some tips on getting the conversation started.
The IT department has a lot of responsibilities, there’s no doubt about that. They are in charge of the governance, infrastructure, and functionality of a company’s network and architecture of systems. There are a lot of jobs within those categories, but none of them really include “preventing a network from a data breach.”
Some information you want to include in this conversation are the facts and statistics of cyber risks. Talk about how small businesses are at the same risk of a data breach, if not more, than larger companies. This is because small businesses tend to be the most vulnerable, since they sometimes ignore the need for such protection.
Worried that won’t be enough?
Then tell them how more than 50% of small companies have been hacked in the last year. Or, how the costs to repair those hacks is close to a million dollars.
While everyone in the office is an adult, it helps to always hear the good news first; no matter how old we are. When you start having the discussion with your IT team about the need for a cyber security intervention, make sure you lay the positives on them. Let them know how much you appreciate the work they do and be specific about what they do well. This is your chance to let them shine.
Once you’ve got the basics covered, it’s time to talk to IT about bringing in cyber security experts. Explain that the professionals that you’ll bring in to help will work side by side with the IT department to make systems as secure as possible. These professionals will not be stepping on IT’s toes; rather, coming together to make sure your company is protected against hacks on all levels and is fulfilling the legal responsibility to its clients. IT will help implement the suggestions a cyber security expert makes on a long term basis.
In the meantime, try our RiskAware™ Cyber Security Scan & Report to see where your security currently stands.