Throughout life we are all given words of wisdom and advice that’s intended to make our lives easier than our forefathers. Things like “work smarter, not harder”, “eat your vegetables”, “win or lose, try your best” and so on. One of my favorites that I was taught was to have at least three hobbies: one that makes you money, one that keeps you healthy, and one that ignites your creativity and passion. I have a lot of hobbies, as friends will tell you, and some overlap. I love working with technology, which makes me money and ignites creativity and passion, same with playing music — although it doesn’t pay as well. For the one that keeps me healthy, I’ve developed a routine over the years of weightlifting and cardio and have consistently stuck with it for years. So, I guess my hobby that keeps me healthy is just working out (lifting weight, running, and indoor cycling). So where is all of this going you ask? It may sound a little strange at first, but in some respects, cybersecurity assessments are the same as an exercise routine.
The first few weeks of any exercise routine are challenging. The workouts are hard, your appetite goes crazy as your body adjusts to the workload, and you end up sore for a day or two afterwards, leading to all sorts of new challenges. But that begins to subside and with each subsequent workout you become more conditioned, and reach new levels of strength, endurance, and fitness allowing you to continually improve your own capabilities.
It’s similar with cybersecurity assessments. The first time it’s awkward and challenging. You’ll really have to commit and focus on the details. You must continually remind yourself that you are doing this for your own good and a future better self. In this case, a future better organization maybe. Inevitably, you will identify weaknesses that you were unaware of, some that may upset you, scare you, and so on; and you’ll go a little crazy adjusting to the revelations and new challenges ahead. You’ll be sore for a while as you strengthen your cybersecurity posture and tackle the items that you learned about that need attention, like policy additions, better continuous monitoring, new security controls, better education, and so forth. But just like the exercises that made you sore, this too will subside as you continue to perform the exercise of security assessments. You will get better, faster, stronger as an organization and will be better equipped to deliver you products and services in this current business environment marred by constant security threats.
Even though we don’t always like to do the tough things that make us better, try to remember that they really are good for you, and with a little perseverance we’ll achieve greater success from our efforts.
Here’s some more words of wisdom to make your life easier…just like athletes need coaches, if you need assistance with a cybersecurity assessment, reach out to the team here at Axxys. We’ll be glad to assist in coaching you through a cybersecurity assessment to help you achieve success in your organization.