Human Resources and Technology

Personal and business risk management in a web world

May 29, 2014
Print
Text Size:
A A
Tech conference to focus on cyber security
Cyber security is an issue affecting businesses and consumers. via FB.com

Maslow’s hierarchy of needs is essentially a pyramid of personal risk management.

I maintain that each of us gets up daily and takes care of our personal- and job-related risk, “I will take care of my personal needs and find a way to keep paying the bills.”

In a web-centric world where we bank, communicate, connect and transact through a universally connected semi-secure system called the World Wide Web, also known as the Internet or cloud, our personal and business risk-security mitigation adds a new tier to the pyramid.

Managing or insuring that risk is personal. Each of us has a different risk tolerance threshold. I have a personal friend and colleague who absolutely shuns the web almost as a religious principle. He uses absolutely no social media and would prefer to have no web logins. This is the guy with a piece of duct tape over his laptop camera. I personally “put it all out there.” I’m the social media, gregarious, let’s connect online and in-person guy who uses my camera and technology readily and often to, I believe, enhance my day-to-day life. These are two examples of differing risk tolerance. He insures against risk through avoidance, and I insure against online risk through tools and procedures.

3 levels of security

1. Protection of digital assets (anti-virus, spam protection, firewalls)

2. Detection of malware or threats (I know there’s a problem — I’ve been alerted)

3. Response to digital threat (I take timely action to remediate the problem)

The Crypto-locker virus and has generated over $30 million for hackers and the Heartbleed virus still roams the Internet seeking unprotected systems.

“Antivirus is dead. Rather than fighting to keep the bad guys out, new technologies from an array of companies assume hackers get in, so aim to spot them and minimize the damage,” according to a Wall Street Journal story, quoting Brian Dye of Symantec Corp., on May 5, 2014.

That’s right, it’s impossible to be perfectly protected. Risk is real and personal. What can you do?

Personal risk management

1. Confirm that your personal anti-virus and anti-spam protection are up to date

2. Consider a product like LastPass to manage your online passwords and hold you accountable to online security

3. Change your passwords! Once a year at least

Business risk management

1. Inquire to the level of detection and response at your organization. Ask, “How are we watching for intrusions to our network? How quickly do we respond to these increased threats and intrusions?”

2. Ask for or find an independent assessment of your organizational risk management. Ask, “Are we up to speed for detection and response?”

3. Change your passwords! Once a year at least

Each day, we knowingly or unknowingly choose our own risk or online safety management. Take a moment to improve yours today. 

Comments powered by Disqus