Times are tough. Unless you are just now coming out of your winter hibernation, you are probably so beaten by that phrase that you are not far off from striking the next person that vomits it upon your day.
Listen up executives, this one is for you.
Breaches cost money. OK fine, I know that is not paradigm shattering knowledge I just dropped like it was hot. Still, executives miss the mark when trying to securely manage or grow their business. We know this because of the nearly daily additions to the breach list that PrivacyRights.org manages.
Executives have been failing at managing long term expectations for years. Any of us that work for a public company know that an executive’s myopic management may not be able to focus past delivering the next financial report. If your executive is only managing the P&L, how do you expect her to understand that a long term investment in security is something that is both wise and necessary? She will have to explain the added costs and lower quarterly performance to her shareholders–never a pleasant discussion.
Heartland is the second public company to go through a major breach in the last few years that will have to disclose costs associated with the breach in their reports to the Street. In a weak economy with flat growth, shrinking margins, and weak performance, imagine what a multi-million dollar charge would do to the viability of your company. If you had $300 million in cash, and had to lose half of it in six months to cover a breach, would you be able to ride out the rest of the recession? Imagine if you had spent $50 million over one year instead to achieve the same outcome.
That’s savings you can celebrate; but unfortunately, it can only be measured it in hindsight.
If you ask an executive that is dealing with a breach what they would have done differently, once they get through the stages (Denial & Isolation, Anger, Bargaining, Depression, and Acceptance), they will probably admit that they should have paid more attention to the risks associated with poor security practices. Big expenditures over time are ALWAYS preferred to massive expenditures in a short window.
THAT, my executive friends, is what should be keeping you up at night. Have you spent enough money to prevent something that could alter the lives of some, if not all of your employees, shareholders, and customers? As the top dog(s), you carry the weight of the world on your shoulders. Employees and their families depend on you to make rational decisions and position the company to outpace competitors. Shareholders depend on you to deliver return on their investment in the company. Customers depend on you to ensure that the company is stable, the products and services are of acceptable quality, and that you will exist.
Notice that ALL of those people that depend on you are focused on the long term!
As the not-so-new adage goes, you will pay for security now, or you will pay for it later!
Possibly Related Posts:
- Selective Domain Filtering with Postfix and a SPAM Filtering Service
- PCI DSS 4.0 Released plus BOOK DETAILS!
- Preventing Account Takeover, Enable MFA!
- Proofpoint Patches URL Sandbox Bypass Bug
- Improve Outbound Email with SPF, DKIM, and DMARC