Getting Started


What is cyber security?

Cyber security is the protection of devices, services and networks - and the information on them - from theft or damage via electronic means. Its core function is to protect the devices we all use (smartphones, laptops, tablets and computers) and the services we access, both online and at work, from theft or damage. It is also about preventing unauthorized access to the vast amounts of personal information we store on these devices and online.

This will seem overwhelming; we know.

You made it this far: you are interested in doing better. Right away you may ask yourself: how can all this represent the bare minimum? To begin answering that question you need to embrace transformation and change.

The main thing to understand is that today's definition of security is about far more than permissions, passwords, malware, and hackers. You - or others in your organization - are probably used to thinking that making a system secure means installing a firewall or some anti-malware. Security is a balance of convenience and control in all facets of your organization. It is concerned with everything related to the confidentiality of information, the integrity of data, and the availability of systems.

You are a custodian of data that can cause a client, an employee, or a vendor to have a "bad time". Security events are manageable risks, but left unmanaged they can lead to your business losing money, or worse. Your employees can lose jobs. Your clients can suffer a little, or a lot. Your vendors can suffer a little, or a lot. You matter. Your company matters. Your cybersecurity matters.

Your cybersecurity is also your problem. You can hire vendors to help protect systems and buy insurance to offload some of the weight, but you cannot do either well unless you - the owner, the executive team, or the board - establish some form of cybersecurity strategy and do your own risk management. Good cyber security protects your ability to function and ensures the organization can exploit the opportunities that technology brings. Cyber security is therefore central to a company's health and resilience, much like financial security, personnel security, and future security.

You are also likely thinking that this is too complicated, or you feel powerless, or you are simply in denial. Perhaps these thoughts will help you:

Cyber-security is complex, I won’t understand it.

You don’t need to be a technical expert to make an informed cyber security decision.

We all make security decisions every day (whether to set the alarm, for example) without necessarily knowing how the alarm works. Boards regularly make financial or risk decisions without needing to know the details of every account or invoice. The board should rely on its cyber security experts to provide insight so that it can make informed decisions about cyber security.

Cyber-attacks are sophisticated, I can’t do anything to stop them.

Taking a methodical approach to cyber security and enacting relatively small changes can greatly reduce the risk to your organization.

The vast majority of attacks are still based on well-known techniques (such as phishing emails) which can be defended against. Some threats can be very sophisticated, using advanced methods to break into extremely well-defended networks, but we normally only see that level of commitment and expertise in attacks by nation states. Most organizations are unlikely to be the target of a sustained effort of this type, and even those that are will find that the most sophisticated attacker still starts with the simplest and cheapest option, so as not to expose their advanced methods.

Cyber-attacks are targeted, I’m not at risk.

Many cyber attacks are opportunistic and any organization could be impacted by these un-targeted attacks.

The majority of cyber attacks are un-targeted and opportunistic in nature: the attacker hopes to take advantage of a weakness (or vulnerability) in a system, without any regard for who that system belongs to. These can be just as damaging as targeted attacks; the impact of WannaCry on global organizations - from shipping to the NHS - is a good example. If you are connected to the internet, you are exposed to this risk. This trend of un-targeted attacks is unlikely to change, because every organization - including yours - has value to an attacker, even if that is simply the money you might pay in a ransomware attack.

What should I be doing?

Having a basic understanding of cyber security helps you ask the right questions and seek assurance about your organization's cyber resilience, just as you need a certain level of understanding of finance to assess the financial health of your organization. A good place to begin is to discuss your existing cyber security measures with your experts and agree on what 'good' cyber security looks like for your organization, so that you have a standard to assess your current measures against.

BENTO:GUIDES is here to help you in three ways:

  1. It provides a framework for cyber security.

  2. It provides guides and materials for understanding all aspects of the framework.

  3. It provides detailed recommendations for implementing your cybersecurity program.

With sufficient understanding and the right relationships, you can put in place defenses that will protect your critical assets against the biggest threats. Implementing good cyber security measures is not only a key part of meeting your regulatory requirements; it also reduces the likelihood of a significant incident. Even very basic cyber security controls reduce the chance of an incident.

What support can the BCSF provide on cyber security?

Bento Security's BCSF/Guides offer a compilation of useful documentation. Bento Security's Professional Services provide cybersecurity and information technology management services. Visit https://www.bentosecurity.com to learn more.