How much are your assets worth?
A different question could actually be what is the value of your assets.
One problem in the cybersecurity space is putting value to your assets.
The value of your crown jewels
There are two reasons.
1 – Do you know what your assets are – Identification.
An asset can be a number of things.
It can be the people inside the organisation.
The salesperson who brings in 50% of the company revenue, the CEO who delivered a keynote at a conference or it can be the receptionist who has a system that controls the business but no one else knows about it.
It can be the information you collect and manage.
It can be your CRM or it could be your accounting system.
It can be the property you own.
The physical premise, your intellectual property, your software, your tools or anything that you leverage to produce your products and services
It can be your reputation or brand.
It can be your brand, what people think of your brand and what you are doing to ensure that you do everything ethically and properly.
2 – How valuable are they to the business.
Most of the assets have some level of financial impact on the business.
When everything is running like a well-oiled system it is hard to define where and what is doing the heavy lifting for the business.
Yes you have your bean counters with profit and loss statements and the LAPS
When you remove some of the assets you suddenly understand that they are all working in tandem to create the perfect system.
Here are a couple of questions you should be asking
Can you afford to have all of your staff sitting around for more than 10 days while you sort out a malware attack?
Can your organisation survive for 2 weeks without any income from sales and service if your point of sale system failed?
Can your reputation handle telling all of your inquiries that you cannot do anything because you have been hacked?
Can your reputation handle the impact of emailing all of your customers and clients that you have been breached?
Can your finances handle the $40K to $60K governance and compliance fines that will come shortly after a breach?
Now tell me you do not have the money to invest right now to protect yourself from these problems