If you’ve found our site, you’ve most likely browsed the main page, where we have a simple declaration of services, including our Cyber Roadmap. In the few months since the page went live, we have received several questions on exactly what a Cyber Roadmap is.
This week’s post will go more in to detail on what a Cyber Roadmap is and why you need one.
For years now, I’ve been working with companies who don’t have a technology plan. One of my earliest sales propositions was to get a meeting with the decision makers and ask them their data backup strategy. Of course, the answers were always very general, things like – “we backup every night both locally and to the cloud” or in some cases, “oh we don’t worry about backup, we’ve got a Barracuda that tells us when a backup fails”. My immediate next question, in almost all the cases was, “when was the last time you tested your disaster recovery plan? Eyes went blank, fingers were pointed and before the meeting was over, we had a signed Managed Service deal. Disaster Recovery planning is a topic we’ll discuss further in a later post, but the reason I tell this story is because my sales pitch has changed. Disaster Recovery (DR) or Business Continuity Planning (BCP) is rarely a topic of my first sales meetings. Now it’s Cyber Security, and more specifically, the businesses Cyber Roadmap.
To put it plainly, a Cyber Roadmap is the testing of the businesses current security policies, procedures and systems and comparing them to international standards to help the Company develop a plan for protecting its systems in the future.
Blackbird, through its partnerships tests over 150 Key Performance Indicators (KPIs) checking everything from password policies to firewall security and even down to the policies your business implements to protect it from human error or lack of education.
This is NOT a Penetration (or Pen) test. This is NOT a piece of software we run that you can purchase and download online, this is NOT a piece of hardware we drop in to see what’s going on at the internet connection.
Our service includes some of those, and a host of others, but more importantly we take the time necessary to understand what your business is, what information is stored / transmitted and what your needs are, so again – we can assist you in developing the plan for the future, including cleaning up the present. How can you know where you are going if you don’t know where you currently are?
Our process takes anywhere from 1 hour to 3 weeks, depending on the size and complexity of your organization, but when we have completed the engagement, you’ll have more data then you could ever want on your current security infrastructure. No, it’s not a bunch of spreadsheets and technical jargon, of course we include that so the people you task to fix the gaps are aware of the true issues, but it’s a few reports that anyone can read, understand and act on.
The Cyber Roadmap is a small part of your Disaster Recovery or Business Continuity Plan, of course – but without it – those two critical procedures are not complete. By the way, we can help you implement those plans as well!
I’ve addressed a few of the common “sales objections” we receive in one of my earlier posts (Cyber Security for the Small Business - Introduction), but I want everyone reading to understand – you cannot keep ignoring Cyber Security, and you cannot give ownership of it to someone else. If you don’t engage us to help you, please work with someone. Worse case, give us 20 minutes of your time and we’ll help you understand the need, as well as the dangers by not having a plan.