Working largely in a regulated industry such as financial services you can sometimes lose track of where the business world at large is when it comes to cybersecurity, which is why we thought a recent article published by the World Economic Forum was so interesting.
In the piece, Alex Spokoiny of Check Point Software Technologies outlines some points that we’ve been stressing for some time, namely that cybersecurity is not something that can be solved with technology alone.  To be truly resilient, he argues that one must assume that an incident will happen, and that your organization should be prepared for this.

What’s the best way to prepare for this eventuality? Well, Spokoiny argues that it is something we’ve been helping our Clients conduct for decades: tabletop testing. What if your endpoint security solution falls short, and to make matters worse your ISO is in the hospital? Consider ransomware: what if the unthinkable happens? Do you know if it’s you or your insurance company who decides if the ransom should be paid?

In today’s world technological solutions are important, but if that technology were to come up short your human resources will be tested and Spokoiny (along with us) believe the best way to be assured your organization is truly resilient is to test those resources regularly.

Now we know that you’re likely no stranger to these sorts of tests, as your regulators expect them to be conducted. But it’s important to remember that these are not mere regulatory hurdles to clear or boxes to check off on a list.  A properly designed tabletop test can be very revealing.  Here at Infotex we take pride in holding ourselves to the same standards that we hold our Clients to, and we can say that our own tabletop testing has in the past uncovered deficiencies that may not have been apparent until we were in a crisis.

For our own Clients and others in banking, consider this an affirmation that the rest of the business world is slowly catching up to what we already know…and for those newcomers, if this has made you interested in testing your own organization’s cyber resilience, we would be happy to discuss tabletop testing options with you.