You’ll know it. You’ve planned a weekend trip with colleagues with no qualms about making sure you’ve taken enough care of all the family members. That’s why you’ve been spinning your wheels since Friday morning. You don’t remember breakfast anymore, you skip lunch just to make it to the mall in time to run in at the fajront and get food for the family.
Wrong! Already at the first shelf you will be overwhelmed by a feeling of incredible scarcity. You throw into the basket even what you didn’t plan to buy. You chaotically acquire things you think you need without thinking or planning. An expensive purchase.
Through a similar metaphor, you can look at cybersecurity in companies. Often times security is neglected and put off until it feels like starvation. Then, many times without thought, a thorough plan or audit, what is not necessary is purchased. For example, unnecessarily sophisticated security solutions without treating basic network vulnerabilities, or monitoring tools without regular thorough training and testing of people.
How to do it and correctly? Just as you plan what to buy and where to buy on your way to the mall, so too do you go about identifying vulnerabilities and security measures. Plan for the parts you can treat and cover with your own in-house capabilities, or opt to procure a managed service from external providers, cybersecurity specialists.
In the current edition of Platform of invention, we address two legislative topics that are dynamic and emerging literally before our eyes. Soon, by mid-October 2024 at the latest, the NIS 2 or the EU-wide directive in the field of cybersecurity will be transposed into Slovak legislation. The second frequently mentioned one will be the obligation of regular sustainability reporting or non-financial ESG reporting.
Both should be seen as opportunities. Gain insight, consult with experts, and prepare to meet your obligations. To overwork them and treat them as a non-essential evil is a path to starvation and expensive indiscriminate action.
