Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses – What questions should I be asking about my cybersecurity
[start of transcript]
Hello my name is Roger. Today I’d like to ask you what questions should you be asking about your cybersecurity? Is the cyber risk a part of your cybersecurity plan? Have you looked at where you can be compromised to make sure that you are protecting yourself to the best of your ability?
In addition to making sure you’re protected, have you had a look at how you are going to protect yourself if ‘X’ happens, or if you actually get physically targeted by a black [0:40 inaudible], what is your plan to make sure they can’t get in?
Have we made sure that we are also compliant with everything that’s in place? Because there are two things that run together: compliance and insurance. Because if you’re spending a thousand dollars a month on cybersecurity insurance and you’re not compliant, you might as well be pissing it up against the wall, because I can guarantee the insurance people have looked at it and gone “well they haven’t done it, but we’ll take the money. We’re quite happy doing that”.
In addition to your cybersecurity is everybody listening to how we are cyber hygienic, so we haven’t got viruses on our system, we’re not doing stupid things with email? We’re not spamming people on the internet.
That makes sure that what we do doesn’t impact on another business. But do you also have an incident plan? Have you seen an incident happen? Someone got attacked by a virus. What do we do about that?
How do we do it? What are the processes we need to do? In addition to that does everybody know what they have to do, because if nobody knows what they’re going to do, you need to start implementing an education program to make sure they do?
Thank you very much.
[End of transcript]