There are people you don’t know, who already have administrative privileges on your network.

Does that seem far-fetched? Allow me to introduce your programming team.  Chances are, you have software running on your network right now that was written by people you don’t know.   And it has administrative rights which if exploited could cripple the entire organization.   Read through to the end to understand how the non-technical executive can help control this issue.

Cybersecurity is a nascent arena, but there are standards that can be adopted. And if followed, you can expect to do substantially better than average in preventing breaches.  These frameworks and compliances of course are a jumping off point for an organization’s cyber resilience strategy.  They are not in and of themselves a complete answer to current and future threat landscapes.  They are, in effect, the Index Funds of the industry.   They are a generally low cost, high impact way of managing the security journey.  

They provide a framework by which a non-technical executive can begin to be assured that the policies and procedures of the organization are reasonable, and not absurdly ineffective outliers.  There is in effect no better way for a non-technical executive to judge if their current winning strategy is good or lucky.

Why you can no longer trust the office network.

t is critical for management to understand that the threat landscape has changed and that spending, and security strategies must change in response. Securing enterprise assets and software is crucial for protecting sensitive data, ensuring business continuity, complying with regulations, and building customer trust. By understanding the evolving cyber threat landscape and implementing effective security measures, non-technical executives can play a vital role in safeguarding their organization's digital infrastructure.

Management should stop making them try.  It isn’t their job.  And even if management makes it their job, they shouldn’t be allowed to grade their own work.  An improper device count is one of the cheapest things most organizations can correct to improve their cyber security.

Explore the concept of cybersecurity as an infinite game where the goal is continuous improvement rather than winning. Learn how to adopt strategies of discipline, learning, and resilience to stay ahead in the ever-evolving digital landscape. Understand the role of non-technical managers in fostering a culture of cybersecurity within organizations. Discover why cybersecurity requires ongoing effort and leadership to maintain and enhance security measures.