Our last release for 2017 is a big one! For more information on any of the features please reach out to your Beauceron representative.
For Bankrupted Morehead Hospital, a successful cyber attack could not have come at a worse time. Two weeks after declaring bankruptcy, Morehead now owes up to $1.5 million for HIPAA violations.
It isn't just bad when you're dealing with a bankruptcy, for small and medium size organizations a cyber attack can tip your organization into financial distress.
We often get two big questions at Beauceron Security: "How do you pronounce your name?" and "What does it mean?". Fun fact: a Beauceron (Bo-ser-on) is a breed of sheep dog from northern France.
So how does a cybersecurity company - that works primarily in human-centric cyber risk - associate with a sheepdog from northern France?
Enter the sheepdog effect.
October brought about the third major ransomworm attack of 2017, taking advantage of the same leaked NSA hacking tools as NotPetya and WannaCry.
While Bad Rabbit's impacts so far pale to the billions of dollars in damages done globally by NotPetya and WannaCry, its spread highlights why reducing the risk of these attacks means dealing with people, process, culture and technology.
We sat down to chat with Jamie Rees about the importance of proactively managing cyber risk. Jamie has over 20 years of progressive IT experience. He has spoken at a variety of global events sharing his perspectives and won several awards for his involvement in the industry. Jamie is currently the Senior Cybersecurity Strategist for Énergie NB Power.
Throughout our conversation Jamie discusses lessons we can learn from the physical safety culture manufacturing firms have created, misconceptions about cybersecurity and first steps that businesses leaders can take to manage their cyber risk.
The full audio clip is about 30 minutes below; in this post I’m outlining some of the major themes that emerged in our conversation.
Jamie admits early in his career he believed that security could be solved with more resources for technology. As he progressed in his career, and stumbled across Clayton Christensen’s book the Innovator’s Dilemma, he realized that creating security as an organizational capability required the organization to truly value it.
Christensen defines values as “the standards by which employees set priorities” and classifies it as the most impactful factor in creating an organizational capability. Once an organization values security the other two factors, processes and resources, will follow.
Valuing security is the difference between pushing a product with security flaws to meet a deadline and pushing the deadline back to solve the security issue first.
In our conversation, Jamie references the classic 7 Habits of Highly Effective People, ‘Seek First To Understand, Then To Be Understood’ when talking about security within an organization.
It’s up to security professionals to listen and communicate with other departments to understand their roles and ensure that security is balanced with usability.
It’s also up to business leaders to listen when an individual says ‘this work isn’t secure’. If security is truly valued within the organization, individuals feel safe to raise security concerns without fear of negative retaliation.
Rees says the most important part of building a proactive security campaign is having the support, time and belief from the organization. He believes that security is everyone’s business from the front-line employees to the support of the Board and Senior management.
Security leaders need to believe in the value of security every day and communicate that it’s valued.
“Security isn’t something we buy in an organization, it’s something we instill.”
- Jamie Rees
Jamie joined our business development officer Kathryn Chamberlain in our Fredericton office to celebrate cybersecurity awareness month. Jamie Rees is currently the Senior Cyber-Security Strategist for Energie NB Power, Chair of the ICT-Cybersecurity Leadership Council on Youth and Education and has previously held the Chief Information Security Officer position with the New Brunswick Government. Jamie can be found on Twitter @SecuRees
To kick off cybersecurity awareness month in October, MediaPlanet pulled together a special insert for the National Post. We were honoured to be a part of their campaign! Click the image below to see the full PDF version.
It appeared in the September 27th copy of the National Post and featured an article from our very own Kathryn Chamberlain.