This week, someone told me about a group of CEOs who came to the conclusion that their IT security was handled since they installed an artificial intelligence (AI) based threat protection tool. They didn’t know it, but they were wrong. Having a false sense of security is dangerous and can be devastating to a CEO’s organization, because they may fail to take the important steps to be secure.
Executives are trying to do the best they can, to make good decisions, but they often have bad input.
Some executives learned what they know about IT security from advertisements rather than textbooks, or from advisors who did not know what they were talking about.
For example, reports show that it is probable that the breach at Equifax could have been avoided if executives had ensured that basic step #1 was implemented.
The essential steps are:
- Keep current with critical security patches.
- Make sure that users have the right amount of privileges to do their jobs.
- Only allow good programs to run.
It is human nature to want the easy way out, such as buying the latest threat protection tool and stopping there. Threat protection tools are important to have, but are not enough.
Be smart. Give your IT team time to accomplish the three steps above. Then you can sleep better at night.
Please forward this to every single executive that you know, so they can protect their companies with these three very important basics.
For more details, see: