As an executive, should I feel confident my IT professional has cybersecurity under control?

Some executives say, “I am already paying an IT professional to take care of IT; why should I have to pay for someone else to make sure the IT department is doing what I am already paying them to do?” They think every IT professional should know all there is to know about cybersecurity.

Think about it. That thought-process is much like saying, “I am paying my brain surgeon already; why does she want me to see someone else to perform my open heart surgery? If I hire the heart surgeon, can he repair my knee, too?”

As a skilled, experienced systems engineer and enterprise security specialist, Mike understands that YOU want strategic, practical, and useful IT security information in an easy-to-understand format. Mike will provide you and your IT professionals practical insights and relevant IT security solutions that will help protect your business.

Is it worth it to invest in an IT Vital Systems Security review?

You might be surprised how expensive it is to have a security breach and/or for your team to be less productive if they are using older methods.

The good news is that often, as long as you already have modern hardware and software in place, the purchases you will make from your vendors after the review will be minimal. Mike will show you how to use what you already own. Mike will provide third-party input on buying decisions as someone who isn’t trying to sell the hardware/software. It is very easy to make the wrong choices with technology, and a wrong choice can be very expensive.

Sometimes I feel some level of “technological inadequacy” when talking to my IT professional, so how can I make sure the important questions get asked and not avoided?

Mike will have those conversations with the IT professionals on your behalf. That way, essential questions get asked and both the IT professionals and executives can address significant cybersecurity challenges.

Some organizations have gone through many IT professionals, in-house or outsourced, and now their network is a jumble of what other professionals have put together. How can this situation be improved?

Most IT professionals are so busy working on new projects and other tasks that they don’t have time to go back and figure out how previous IT professionals configured the systems. Mike Foster and his team can analyze those old systems and identify problems before they cause an issue. Your IT Pro can focus on their other tasks, and gain confidence that there aren’t going to be haunted by mistakes from the past. IT professionals are often well-meaning and highly trained, but they are spread thin working on many projects. Mike can show you what they’re doing right and help you feel confident they’re taking the best care possible.

My IT professionals are so busy all the time. How can they address added cybersecurity duties?

Mike and his team are conscientious about limiting the recommendations to avoid overwhelming your team. The focus is to provide the most effective steps that will result in the highest levels of protection. The report contains items that can reasonably be accomplished in the next 12 months, knowing your team has many responsibilities. If you want, we can discuss any improvement opportunities to help you customize what you want to focus on the most. Mike will show your IT professional how to resolve cybersecurity situations AND help the IT professional finish projects on time and in budget.

I’m afraid to upset my IT professionals. What can I do to reassure them?

Mike’s focus is to be cooperative and establish himself as a trusted resource to assist your IT professionals in helping your organization be more secure. IT professionals want to increase cybersecurity and who want a second set of eyes to support them will welcome a skilled, experienced, and kind cybersecurity specialist. They want to be sure they haven’t missed any cybersecurity issues.

If I use a third-party vendor for IT security and best practices, why do I need your security review?

It always helps to have another set of eyes, and still purchase all your services and products from your MSP/outsourced computer company like you always have. You only call your third-party IT Vendor to come in to put out fires. Unless you’ve asked them to, they probably have never done a thorough analysis to see what needs to be fixed. With your IT Vital Systems Security Review and Audit, you’ll have a roadmap detailing the steps to improve your security and use of IT Best Practices. While your provider does audits as part of their services, all we do is audits! And we find undiscovered issues.

If I already have qualified IT professionals on staff, why do I need your IT vital systems security and best practices review, too?

Most IT team members are very busy working on other projects for your company. They don’t have the opportunity to spend their time attending security training and visiting other organizations discovering the best current security techniques. Having a specialist that focuses on keeping up-to-date on security risks just makes good sense. Most IT professionals welcome a third-party specialist assessment with suggestions to take network security to the next level.

Your IT team also appreciates the IT vital systems review because Mike can be an advocate to help them feel understood by the CFO and other executives.

What is the best way to introduce the IT vital systems security and best practices review to my IT team?

In the interest of taking your security to the next level, you have found a specialist with 20 years of experience successfully reviewing vital IT systems. Mike will provide a suggested road map and mentoring about how you can increase our protection and increase alignment with cybersecurity best practices. He lets you, the IT professional(s), be the hero.

Will your IT team need to defend themselves and give reasons for what they are doing now?

Absolutely no defense needed; the review is all about cooperation.

The purpose of the review is for Mike to be a helper / assistant / mentor / ally. He has the benefit of working with other excellent companies on security issues and best practices, and he brings in those ideas so you can put them to work, too.

The IT Vital Systems Security Review and Audit is designed to empower you and your team to understand and reach the next level of cybersecurity knowledge.

Should this come out of the IT Budget?

No, this is a risk management process that helps protect you from future cybersecurity disasters. IT needs the IT budget to remain in place so they can update servers and the many other expenditures they have each year.

Who should be participate in the security review?

The IT Vital Systems Security Review and Audit includes research and communication with Mike, followed by in-depth security testing. After the testing, you will receive a report of findings with a prioritized list of instructions to take your organization’s cybersecurity to the next level. Some IT professionals may be concerned about receiving too many recommendations that will pile on more work to their already overburdened list of tasks. But, we always try to be considerate by ensuring that our recommendations aren’t too long or time-consuming since you have other tasks to attend to. In addition, you and your IT Professionals (in-house and outsourced) will have access to Mike for a full year. Mike can review proposals and answer other questions for your IT professionals related to the review. Our job is to add so much value that you’ll want to continue the process for years to come.

Professionals who should participate in the on-site visit include:

 

  • Mike and his team like to communicate with the IT professionals about what recommendations to expect in the report before the executives see it. That provides an opportunity to fine tune the list and account for other projects that take their time.
  • Kick-off portion: Your IT Professionals (in-house and/or outsourced) and any executives who wish to be present, including the CEO, CFO, COO, mangers, etc. for the first 15 minutes or so. Sometimes CEO/Owners who outsource their IT work do not want the outsourced people at the meeting, and that is OK.
  • Review portion: Then Mike can work with the IT Professional(s) as needed. The executives are welcome to be present the entire time, or “pop in and out” of the meeting as their time allows.
  • Debriefing: At the end of the review, we should all meet together, the IT Professionals and the CEO/CFO/COO/etc., for the debriefing.

 

What will I love about the IT Vital Systems Security Review?

You will have a better grasp on cybersecurity at your organization. Sometimes, IT topics can be frustrating for CEOs and other executives since they know how much the organization depends upon IT, yet sometimes discussing cybersecurity is new territory for them. With the IT Vital Systems Security Review, even the CEOs and other executives who already have 100% confidence and trust in their IT professionals, be they in-house and/or outsourced, get to have a greater understanding of the IT situation, provide input into the priorities for existing projects and remediation of opportunities discovered during the review, and receive a prioritized list of recommended next steps.

Some executives find it uncomfortable to talk with their IT professionals since the material is so complicated. After the review, all executives report that they feel a higher level of comfort and trust towards IT. Even the executives that already enjoyed a comfort level in this communication see a notable increase! The IT professionals appreciate this, too.

The executives gain an unbiased resource to answer their questions about IT issues without having to put their own IT professional on the spot. Sometimes it is nice to have an independent third party (Mike) review proposals and price estimates from your own IT vendors.

Often Mike can help organizations avoid some of the “we didn’t think of that” pitfalls other organizations have suffered. Same with the “someone who worked here before me set that up” problems.

Executives sometimes learn new ways to support their IT teams and allow them to get more done in less time without spending any more money.

See the multiple testimonials from other executives for more benefits. After you experience it once, you’ll want Mike’s valuable input from now on!

Why do IT professionals love the security review?

If you’re like most IT professionals, you’re busy working on other projects for your company. You might not have the opportunity to spend your time attending security training and visiting other organizations to discover the best current security techniques and other IT Best Practices. Mike brings the best knowledge directly to you and delivers it in a fast and targeted method, tailored specifically to your network.

This allows IT teams to gain a large amount of specific knowledge in a short period of time, described in Mike’s fun and easy to understand manner. Mike is able to answer questions for them that apply to their network and systems. This ultimately allows the technical team to sleep better at night, feeling more confident about the security of the network.

Should the IT professionals fear they will lose their job after the security review?

Absolutely not. Mike’s mission is to stop the hackers of the world and help companies get the most from their IT investment. In order to do that effectively, they’re best served by someone who knows the organization inside and out — you. Mike’s mission is to empower you to start recognizing and correcting even more security vulnerabilities and benefit from following IT best practices.

During the review Mike will provide volumes of information and resources for the IT professional(s). The review has nothing to do with “who” is right, and everything to do with “what” is right.

Can your users keep working during the review?

Yes, your servers will be left “up” during the review. We may “spot check” some machines, so some of your users might not have the use of their workstation for half an hour or so, but other than that, you will be functioning in a “business as usual” mode.

Is your network too small to need a review?

Mike has reviewed networks with fewer than 10 users and with more than 21,000 users and the clients are always pleased with the measured benefits after the review. So much so, that most organizations repeat the review yearly or even more often.

Will your IT team need to defend themselves and give reasons for what they are doing now?

Absolutely no defense needed; the review is all about cooperation.

The purpose of the review is for Mike to be a helper / assistant / mentor / ally. He has the benefit of working with other excellent companies on security issues and best practices, and he brings in those ideas so you can put them to work, too.

The IT Vital Systems Security Review and Audit is designed to empower you and your team to understand and reach the next level of cybersecurity knowledge.

Who should be participate in the security review?

The IT Vital Systems Security Review and Audit includes research and communication with Mike, followed by in-depth security testing. After the testing, you will receive a report of findings with a prioritized list of instructions to take your organization’s cybersecurity to the next level. Some IT professionals may be concerned about receiving too many recommendations that will pile on more work to their already overburdened list of tasks. But, we always try to be considerate by ensuring that our recommendations aren’t too long or time-consuming since you have other tasks to attend to. In addition, you and your IT Professionals (in-house and outsourced) will have access to Mike for a full year. Mike can review proposals and answer other questions for your IT professionals related to the review. Our job is to add so much value that you’ll want to continue the process for years to come.

Professionals who should participate in the on-site visit include:

 

  • Mike and his team like to communicate with the IT professionals about what recommendations to expect in the report before the executives see it. That provides an opportunity to fine tune the list and account for other projects that take their time.
  • Kick-off portion: Your IT Professionals (in-house and/or outsourced) and any executives who wish to be present, including the CEO, CFO, COO, mangers, etc. for the first 15 minutes or so. Sometimes CEO/Owners who outsource their IT work do not want the outsourced people at the meeting, and that is OK.
  • Review portion: Then Mike can work with the IT Professional(s) as needed. The executives are welcome to be present the entire time, or “pop in and out” of the meeting as their time allows.
  • Debriefing: At the end of the review, we should all meet together, the IT Professionals and the CEO/CFO/COO/etc., for the debriefing.

If you have any additional questions, please contact The Foster Institute or call 1-800- 657-7107