The Point | Cybersecurity Blog for Defendify

IT Superheroes: Part Firefighter, Part Freedom Fighter, All Human

Written by Defendify | July 12, 2018

They’re computer whizzes, trusted advisors, and downright magicians all at once. They keep our equipment functioning, manage the network, and fly in heroically to help when technology doesn’t play nice.

IT professionals are the unsung heroes that keep the company engine running. But just like the rest of us, they’re only human. Can we really expect them to take on all aspects of cybersecurity too?

Error 404: Time Not Found

IT professionals barely have time to take a breath. Technological advancement keeps changing the field drastically and the ground we ask IT to cover can be daunting:

  • Daily equipment maintenance and helpdesk support
  • Ongoing network and technology management, updates, and patches
  • Planned upgrades for legacy hardware and applications
  • Vetting and setup of new technology and software
  • Physical technology maintenance (e.g. wiring and printer installation)
  • Network-connected IoT devices (e.g. electronic locks and security cameras)

That’s a lot to take on. The bottom line is, IT’s time is more valuable now than ever before. Whether you’re in IT yourself or you employ IT professionals, there are a lot of good reasons you can’t afford to simply add the entire load of cybersecurity to that list.

Error 400: Bad Request

Computer security is certainly on IT’s agenda, but much of their daily activity is still support and keeping business-critical systems running. It's not IT’s responsibility to drive on everything that makes up a strong cybersecurity posture. But many non-IT business owners and managers just aren’t aware of that.

Of course, there are many aspects of cybersecurity that IT tackles regularly, like:

  • Taking security precautions and deploying technology such as firewalls and antivirus.
  • Keeping up with device management and patching.
  • Helping to establish and enforce password policies.
  • Sending reminders to be on the lookout for phishing emails.

But that’s only the tip of the cybersecurity iceberg. Things like policies, plans, procedures, and employee training are business and management functions that simply shouldn’t fall wholly on IT's shoulders.

General Troubleshooting Tips

  • Start the conversation. Make cybersecurity a regular topic of discussion. Showcase the potential damage of a breach, talk about risks, and explore protection options as a team.
  • Keep it simple. Use natural language when talking about cybersecurity, don’t overcomplicate it with cumbersome tech talk.
  • Set expectations. Don’t ask IT to manage cybersecurity on their own, it’s a mistake that could leave IT personnel frustrated and the organization vulnerable (after all, cybersecurity is a business posture that all departments need to be involved with).
  • Get tested. Just like the rest of us, IT can’t proofread their own work. Not should they be asked to. The same way Accounting requires an external financial audit, IT needs a third-party to look things over, identify gaps, and prioritize fixes.
  • Plan accordingly. Set aside proper budgets and resources, and leverage smart solutions to help align and streamline business and IT objectives.

So, as IT puts out fires and does their best to detect and protect, remember that—while they are IT Superheroes—we ALL have to be Cybersecurity Superheroes.

Stay Safe,
Your Friends @ Defendify
View full post