Blog: Cybersecurity month October: Keep your colleagues alert

Blog: Cybersecurity month October: Keep your colleagues alert

2023-10-03 | Blog| Ronald VerbeekMonday 02 October 2023

For several years now, October has been cybersecurity month. Bring the topic to the attention of your colleagues too; cybersecurity concerns us all!

Digital technology and networks (cyber) offer a very attractive way for malicious actors to put pressure on almost any organisation. After all, from a protected location, the whole world can be reached. Moreover, many systems are vulnerable, due to poor security of the technology itself, incorrect implementation, overdue maintenance, inattentive use or a combination of these. In addition, detecting and bringing these malicious actors to justice is extremely complicated.

The motives of malicious actors can mostly be grouped under the headings of 'demanding attention' or 'exerting pressure'. Drawing attention, for example, is about demonstrating the actor's skill, or his ideological goal. Exerting pressure often involves obtaining money or getting the attacked organisation to change its behaviour. To exert pressure, for example, ransomware is deployed, a denial-of-service attack is carried out or (threatened with) sabotage. And even if your organisation is not the target of an attack, it can still become a victim, for example because an attack is deployed in an untargeted way, or because a chain partner is affected by the attack and unavailable. In short: every organisation is a potential victim of cyber misfortune and should prepare accordingly.

What to do.
There are many tools outlining how to approach cybersecurity, from standardised ISO standards and NIST frameworks to lists of basics. They roughly boil down to the following:

  • Know what you need to protect: what are malicious actors potentially after and what knowledge and systems are crucial for your organisation to continue to exist. In other words, what are your assets to protect?
  • Make a plan to protect these assets from cyber threats. Outline measures you should take, and in what order. A roadmap. Keep in mind that this will not be a static plan, threats evolve and your plan should take that into account: cybersecurity is an arms race!
  • Keep an eye on your assets. Know what is normal behaviour in your organisation and its digital systems, make sure you spot deviant behaviour quickly and can assess whether it is harmful behaviour or not.
  • Make sure there is a plan for when something does happen that disrupts normal operations. How will you act then, which parties do you need and how do you reach them? Practice this also with the colleagues involved.
  • Evaluate incidents and learn from them, adjusting systems, responsibilities and processes if necessary.

Who is next up?
We all are. Everyone who works with digital technology has a role, even if only to alert experts in case of deviant behaviour. Directors and internal supervisors also have clear roles, including around ensuring cyber security policies, culture and investment. It is important that roles are defined and that everyone knows clearly what role(s) they have. Only then can you be in control.

This blog is a summary of a more extensive article written primarily for directors. Share it with them and so give cybersecurity month a push in your organisation too!

I wish you a safe and resilient month!

Ronald Verbeek
CIO Platform Nederland

« Back

More news

CIO-associations launch ‘A Perspective on tomorrow’s digital world’

2024-02-21  Manifesto A perspective on tomorrow's digital worldThursday 29 February 2024 Four CIO-associations launch their joint Manifesto ‘A Perspective on tomorrow’s digital world’ highlighting four priorities for European politicians to address in the coming years to reach the digital ambitions set over the last years and to ensure our strategic independence based on our values in the digital world. full story

Blog - Reflections Chairman on themes and journey for 2024

2023-01-19 Blog Martijn KoningFriday 19 January 2024 Dear colleagues, members of CIO Platform Nederland,

As we’ve stepped into 2024, I am thrilled to present my reflections on the pivotal themes that will shape our journeys throughout this year. full story

Blog: What knowledge and tools should the Supervisory Board have in order to be able to assess the risks of applying artificial intelligence?

2023-12-05 | Blog | Frank FerroMonday 04 December 2023 Are you as part of a (supervisory) board looking for more guidance and control on AI? Or are you interested in this? Find insights and leads in this blog by Frank Ferro (Director Insights, PostNL). full story

CIO of the Year 2023 – Aart Rupert, Damen

2023-11-27 | CIO DAY 2023 | Aart RupertMonday 27 November 2023 During a whirlwind show at CIODAY, the CIO of the Year 2023 was announced. full story

View all news items through the archive