February 2022 Newsletter
Confused? You Will Be
Confused? You will be….Assuming you haven't been hiding under a rock these past 5 years then you know that the growing threat to our businesses is Cyber Crime. And as I mentioned last month, 49% of reported crime is Cyber related in the UK.
Processes not Tech
Speaking to many business owners and managers, a lot of them (80%) are under the impression that they could navigate a breach quite well, with what they have in pace and the IT company they work with. But as we drill into the processes and procedures they have in place to make sure they can get through a breach okay, it becomes clear that their perception is quite far from reality (notice I say processes, and not technology?).
Trust but Verify
The main reason for their incorrect assumption is that they are trusting that their IT company are doing all the right things to keep them as secure as possible. Now, trust is not a bad thing - you need that to consider even working with someone. But 99/100, there is no verification (such as weekly KPI's reviews or a process for recommendations) that the IT team is following good hygiene practices, or continuous improvement plan, to ensure everything is correct and following best practices.
Coupled with the fact that a lot of the marketing is about technology products, and it's easy to see how it can be very confusing for business leaders to really understand what they need to know to make sure all is good.
High-level Top Tips
What can you do to make it less confusing? Well the following are some top tips that we recommend that you adopt:
Choose a Certification Standard
Cyber Essentials is the UK Government's certification program. If you adopt this standard then it will ensure you have a base level of Cyber Security in place. Other standards are available such as NIST, CIS, IASME, ISO 27001 etc.
Invest in Cyber Insurance
Cyber Essentials includes a level of cover but it is only goes to £25k. We recommend that you speak to your broker and see what's on offer. I would say £250k is the minimum amount of cover you would need.
Build your 'Structural Awareness'
1. Identify information assets
Most IT companies are focused on protecting systems, without truly identifying what you have to protect. You can't protect what you don't know you have. Find out where all your data is by holding meetings with your different teams. The purpose is to find out whether there are any 'extra' systems (apart from the official company ones) that your guys use. Such as 'dropbox, for sharing files with partners'.
2. Put Protections in place
Work out who needs access to what and put controls in place. Train your users and put technical protections in place (and make sure they are updated regularly). Carry out regular vulnerability tests so you know what vulnerabilities you have to address.
Build your 'Situational Awareness'
Now you know what you need to protect, determine how best to monitor them for anomalies.
Work out what processes you need to put in place around your detection systems to make sure you get the alerting you need.
3. Build your Response plan
Work out how you are going to respond to different scenarios. Build response plans and review them regularly with your IT.
4. Develop your Recovery plan
Look into how you are going to recover your data and systems after an event. Think about how you can put a process in place to analyse what happened and how to make improvements to your systems so you don’t get hit again by this vulnerability.
Developing your Structural and Situational awareness will mean that you can see where you are and help you prioritise what to do next.
All this comes with an overhead of extra work for you and your teams. The game has changed and unfortunately this means it is going to require more investment (time and money) to make sure you can carry on operating.
And of course, if you want to talk any of this through, then please feel free to reach out.
Kailo – The Future Of Pain Relief
Nearly everyone has felt pain so intense that they had to take a painkiller to calm the discomfort. Sometimes orally administered painkillers can take too long to be effective, or they simply fail to dull the pain at all. The people at Kailo realized this and made it their mission to help people manage pain with a nanotech patch.
Kailo interacts directly with your brain’s electrical system, telling it to calm down and reduce pain. Kailo doesn’t use medicine or drugs, and there are zero side effects. In addition to this, it works anywhere on your body, and you’ll start feeling the effects within the first minute. If the usual painkillers aren’t working for you, give Kailo a try.
Don’t Give Up On You
When I released my first book, The Toilet Paper Entrepreneur, I hoped that it would be met with immediate success. Instead, nobody bought the book on its initial release day. Like most would be in this situation, I felt defeated. I had to think about my next step. Should I learn how to market effectively or simply give up on my hopes and dreams?
I knew that I wrote a good book and that it would help other entrepreneurs succeed, so it became my mission to properly market the book. The lack of good and effective marketing is what holds many businesses back from reaching their goals.
If you want to beat the competition, you must differentiate yourself from the rest. My book Get Different explains ways that you can make your company more visible in the business marketplace. I’d love to share the three main steps from this book, as they can help any business’s marketing strategy be more engaging and effective.
The first thing you need to do is differentiate your business from its competitors. If you rely on word-of-mouth marketing, you’ll fail. Instead, you should get out there and use your marketing tools to ensure that people know your business is the best in the industry. Use your talents to stand out from the crowd. Be funnier or smarter than the rest, and consumers will surely take notice of your brand.
After you get your consumers’ attention, you need to attract and engage them. Give your campaign an authoritative, trustful, repetitive or socially significant approach so they feel comfortable using your business.
Lastly, you need to be direct. After you get their attention, tell them what to do. Develop a call to action so customers and ideal prospects will take the next step. By picking a specific action, you can also measure the results and see how effective your marketing truly is.
Proper marketing can be very difficult to achieve, but with these steps, you will be on the road to business success.
Mike Michalowicz is a very successful author, entrepreneur and lecturer. He has written several successful books, including his latest, Get Different. He is currently the host of the “Business Rescue” segment on MSNBC’s Your Business, and he previously worked as a small-business columnist for The Wall Street Journal.
New Team Member—Adam Wood
He works in the Professional Services team as a Senior Engineer, working on server builds, migrations and security projects. Being on board for only 2 months he has shown how capable an Engineer he is, getting up to speed very quickly.
When he is not working for us he spends time with his wife and son, usually arguing over the PS5 with the latter. He has goal of deadlifting 200kg this year (a weightlifting move), and he loves playing the drums!
Favourite Music artistes are: mac Miller, Pantera and Pennywise (who?).
His favourite foods are: Anything Italian, anything not beetroot and a good old TWIX!
Surviving the Great Resignation
The pandemic completely changed how freelancers function. Previously, full-time employees were the most sought-after employees. With the pandemic and the ensuing labour shortages, freelancers have been brought further into the corporate world, and it looks like they’re here to stay. Now, if you want to attract freelancers to work for your business, you need to entice them.
One of the most desirable things you can offer a freelance worker is flexibility. Don’t restrict their hours to the usual 9-to-5 — they want freedom, and with proper communication, flexibility can work to your benefit and theirs.
Freelancers often feel disconnected from their team, and you should make an effort to include them as part of the team. Create an inviting atmosphere and encourage them to take part in team-building exercises.
Lastly, you need to offer competitive pay and stick to it. If you’re not paying them enough, they will find someone who will.
Security starts with governance
1. Is your MSP’s security program based on a publicly vetted framework, such as the NIST Cybersecurity Framework or Cyber Essentials? It should be. When growing your cybersecurity maturity, a standards-based approach is always better doing it ad hoc.