Blog: Cybersecurity month October: Keep your colleagues alert

Blog: Cybersecurity month October: Keep your colleagues alert

2023-10-03 | Blog| Ronald VerbeekMonday 02 October 2023

For several years now, October has been cybersecurity month. Bring the topic to the attention of your colleagues too; cybersecurity concerns us all!

Digital technology and networks (cyber) offer a very attractive way for malicious actors to put pressure on almost any organisation. After all, from a protected location, the whole world can be reached. Moreover, many systems are vulnerable, due to poor security of the technology itself, incorrect implementation, overdue maintenance, inattentive use or a combination of these. In addition, detecting and bringing these malicious actors to justice is extremely complicated.

The motives of malicious actors can mostly be grouped under the headings of 'demanding attention' or 'exerting pressure'. Drawing attention, for example, is about demonstrating the actor's skill, or his ideological goal. Exerting pressure often involves obtaining money or getting the attacked organisation to change its behaviour. To exert pressure, for example, ransomware is deployed, a denial-of-service attack is carried out or (threatened with) sabotage. And even if your organisation is not the target of an attack, it can still become a victim, for example because an attack is deployed in an untargeted way, or because a chain partner is affected by the attack and unavailable. In short: every organisation is a potential victim of cyber misfortune and should prepare accordingly.

What to do.
There are many tools outlining how to approach cybersecurity, from standardised ISO standards and NIST frameworks to lists of basics. They roughly boil down to the following:

  • Know what you need to protect: what are malicious actors potentially after and what knowledge and systems are crucial for your organisation to continue to exist. In other words, what are your assets to protect?
  • Make a plan to protect these assets from cyber threats. Outline measures you should take, and in what order. A roadmap. Keep in mind that this will not be a static plan, threats evolve and your plan should take that into account: cybersecurity is an arms race!
  • Keep an eye on your assets. Know what is normal behaviour in your organisation and its digital systems, make sure you spot deviant behaviour quickly and can assess whether it is harmful behaviour or not.
  • Make sure there is a plan for when something does happen that disrupts normal operations. How will you act then, which parties do you need and how do you reach them? Practice this also with the colleagues involved.
  • Evaluate incidents and learn from them, adjusting systems, responsibilities and processes if necessary.

Who is next up?
We all are. Everyone who works with digital technology has a role, even if only to alert experts in case of deviant behaviour. Directors and internal supervisors also have clear roles, including around ensuring cyber security policies, culture and investment. It is important that roles are defined and that everyone knows clearly what role(s) they have. Only then can you be in control.

This blog is a summary of a more extensive article written primarily for directors. Share it with them and so give cybersecurity month a push in your organisation too!

I wish you a safe and resilient month!

Ronald Verbeek
CIO Platform Nederland

« Back

More news

Blog: What knowledge and tools should the Supervisory Board have in order to be able to assess the risks of applying artificial intelligence?

2023-12-05 | Blog | Frank FerroMonday 04 December 2023 Are you as part of a (supervisory) board looking for more guidance and control on AI? Or are you interested in this? Find insights and leads in this blog by Frank Ferro (Director Insights, PostNL). full story

CIO of the Year 2023 – Aart Rupert, Damen

2023-11-27 | CIO DAY 2023 | Aart RupertMonday 27 November 2023 During a whirlwind show at CIODAY, the CIO of the Year 2023 was announced. full story

Blog The new 'normal' / Change management

2023-11-20 - Blog GerJan HuisjesMonday 20 November 2023 Gerjan Huisjes (Director, VolkerWessels ITBV) shares his thoughts and advice on the changing environment for the CIO, employees and the world. What is our role in the 'new normal' and how do we deal with it? Read it below! full story

Digital technology, (continuing) livelihoods and the 2023 elections

2023-11-13 | NB | Digitale technologie, (voort-)bestaanszekerheid en de verkiezingen van 2023 .jpgMonday 13 November 2023 On Wednesday November 22nd, the Netherlands will go to the polls. More than two and a half years after the previous elections, and less than two years after the Rutte IV Cabinet took office. And yet the situation is completely different. full story

View all news items through the archive