Hearing “all of your confidential information is extremely vulnerable, we know this because…” is bad news, but whatever follows the ellipses determines just how bad. Consider two scenarios.
- “All of your confidential information is extremely vulnerable… we know this because a hacker took all of your customers’ credit card info and locked all of your files behind ransomware.”
- “All of your confidential information is extremely vulnerable…we know this because we did a vulnerability scan of your network, and have some suggestions on how you can improve.” 61% percent of small businesses are victimised by cyber attacks each year, and one in five victims do not survive. It is financially worthwhile to make sure that you end up being the person hearing the latter sentence.
- Added new network infrastructure or applications,
- Made significant upgrades or
- Modifications to infrastructure or applications,
- Established new office locations,
- Applied a security patch
- Modified end user policies.