HUMBLE LEADERSHIP IS A POWERFUL WEAPON
The moment an executive or business owner decides to hire an MSP , they declare a commitment to the organization and employees to protect networks and data from cybercriminals . What they need to understand is this is not a responsibility handoff but , instead , the beginning of their involvement .
Winning the battle against cybercrime requires all hands on deck . Hackers are oblivious to job titles and prey on fragile egos , and while this is a touchy topic to broach with clients , MSPs are negligent if we omit any potential roadblocks to safety . An awkward conversation with leadership early on beats explaining later that had they followed the rules expected of everyone else , they could have prevented a devastating hack . We advocate to involve everyone in the organization in the training process from the start — and to smash the hierarchy .
8 EGO-DRIVEN MYTHS THAT MAKE SMBS VULNERABLE TO CYBERCRIME
As MSPs , we are all technology experts , but we cannot forget that computers and software are only as effective as their human operators . It may not strike the nerdy skills that drew you to this work , but attention to behavior management will keep your business sustainable .
Here are eight common falsehoods we have seen SMB leaders espouse that can pose cybersecurity risks . We also suggest ways your MSP can respond to promote the kind of humble leadership that can make or break the company ’ s security .
1 . Our Revenue Is Too Small To Appeal To Hackers , So We Don ’ t Need Any Security Measures .
You ’ ll encounter this person when scrambling to salvage their company after getting hit .
It makes no difference to cybercriminals if a company reports $ 4 billion or $ 40,000 in annual revenue . Both a sandwich shop that only sells pastrami on rye and a big-box department store hold personal identifiable information ( PII ) on the network . PII is a hacker ’ s capital .
Think of apple picking . If you go to an orchard , do you climb to the top of the tree ? Not if your goal is to fill the basket quickly . You grab the low-hanging fruit . Cybercriminals do the same thing . They have the ability to climb the tree — as evidenced by the Colonial Pipeline and Bank of America takedowns — but more often , they ’ ll pick easier targets .
When a huge corporation gets hacked , they can finance the recovery . Joe ’ s Car Wash , with its 15 employees , can ’ t afford it . If the cost doesn ’ t take them down , the bad publicity alone will drive clients to competitors .
2 . We Created A Written Information Security Plan ( WISP ) A Couple Of Years Ago . We ’ re Fine .
If that WISP is not current , it ’ s not in compliance . It needs to outline up-to-date protocols for employees to ensure they keep PII away from thieves .
Leadership should understand what the WISP entails and why it affects cyber insurance qualifications . Then , continually educate everyone about their role in protecting the company .
( Yes , CEOs , that includes you .)
And for those organizations that review the WISP whenever the mood strikes ? Guess what . Cybercriminals don ’ t just punch in every couple of years . They work every single day , courting you until you click on a nefarious link in an email — which is how 87 % of hacks occur . While you sit back , thinking you ’ re fine , they ’ re developing more sophisticated ways to access your system , building a fast-growing cybercrime industry .
3 . I ’ m Too Smart To Click On Something Like That . Only Fools Fall For Phishing Scams .
Intelligence is irrelevant . It ’ s about awareness and attention at a given moment .
If a leader feels superior to their staff and arrogantly skips simulated phishing training , they can miss key lessons and be more susceptible to falling for the scam . This can also happen to anyone who feels stressed out or preoccupied ; those people don ’ t look closely at details in an email .
MSPSUCCESS . COM | 9