After Target got hacked through a third party vendors HVAC controller, I got interested in Vendor Risk Management. I co-authored Small Business Cyber Security with Tom Gilkeson, Director of Corporate Security from Michelin North America.
We wrote this as a book for directors of cyber security who need to help manage risk for their supply chains as well as a guide to smaller business as to what large companies are looking to talk about before doing business with them.
Your company is a fortress―secure, safe, and productive―but when there is a threat, you, the “superhero IT person,” are pinned with solving the problem.
What if preemptive action was taken to create a framework for an accessible
and executable security plan? Security is everyone’s business, and making it
such is vital in order to:
• educate staff throughout the company and address the status quo;
• know what to do with risk; and
• build solid security into systems and ways of business.
Adam Anderson and Tom Gilkeson expose trends that the leading cybersecurity
professionals in the nation are dealing with so that you, the individual
security expert, are able to use the tools and techniques necessary to
deal with your company’s security needs and communicate them to C-level
In Built to Survive I tell the story of Jessica, a first time entrepreneur who has to deal with cyber security in order to make money and win customers. I borrowed heavily from Star Wars plot.
All entrepreneurs and business leaders face similar cyber security frustrations:
Should they worry about it, what should they do about, and where should they even start. Decisions never seem to get made, or, once made, provide the illusion of security but don’t actually reduce a business’ cyber liability. But there is a solution. It’s not complicated or theoretical. The National Institute of Standards and Technology used your tax dollars to produce a framework and we at Element Security Group have produced the business process for achieving the measurable reduction in your cyber risk. This process was developed through working with large enterprises and studying 20,000 vendors to those companies.
In Built to Survive, you’ll learn the secrets of securing the six key components of your business. You’ll discover simple yet powerful ways to do cyber security strategic planning and turn cybersecurity from a scary unknown, to a normal business process no different than developing a marketing plan. Successful companies are applying Built to survive every day to run their cyber security planning and execution—and you can too.
For an illustrative, real-world deep dive into the study that produce the methodology, check out our companion book, Small Business Cyber Security, co-authored with the Director of Corporate Security of Michelin North America.
I wrote the monster within because I learned that the real Cyber Threat facing businesses wasn't a computer science one, it was a behavioral science one.
This book helps a business owner to modify their beliefs around cyber risk and adopt business continuity planning and risk reduction as their goal, not being 100% safe all the time.
After Reading “The Monster Within” you will:
1.Possess Cyber Self Awareness and an understanding of how your Beliefs about Cybercrime and Cybersecurity can defeat you before you even start as well as have the tools to reframe those beliefs.
2.Possess understanding on how cybercrime works and why they are after what you have.
3.Discovered that cybercrime is about behavioral science, not computer science, and learned to focus on business processes, not technology.
4.Learn that cybersecurity is nothing more than security controls bolted onto existing business processes and that it is often better to change the business process rather than buy technology.
5.Learn that having a plan is the difference between success and failure and that the plan comes in two forms, your business continuity and disaster recovery plans.
6.Learn that smart people have come up with frameworks that allow you to approach this complicated topic in a methodical way and that by leveraging the NIST Cyber Security Framework and the Built to Survive Methodology, you can produce all of the policies, procedures, and security controls needed to ensure that your business systems and processes are protected.
What is the biggest threat to business in 2019? Is it escalating trade wars, global economic meltdown, nuclear war, or perhaps environmental calamity?
The biggest threat to business is cybercrime. Cybercrime is rampant, with worldwide costs expected to double from $3 trillion in 2015 to $6 trillion by 2021. And it is not just Fortune 500 companies that are paying the bill. In the past two years, two out of three small and medium-sized businesses (SMBs) had to deal with at least one security incident and cyberattacks on small organizations are only increasing.
While not every security incident is equally devastating to business, more than half of all successful cyber attacks targeting SMBs result in financial losses of over US$500,000. This effectively means that a single cyberattack can put your small undertaking out of business, especially if your organization is ill-prepared for the potentially lethal threat posed by cybercrime.
If you are a small business owner and you don’t know exactly what cybercrime is, what it means for your organization, let alone how you can prepare for this threat, this book is here to help you out.
I noticed a cyber crime trend, the bad guys were going after people who had access to other people. Mainly they were attacking CPAs. I thought I could accomplish two things at once. First, train CPAs to be safer in the world of Cyberspace. Second, train CPAs to advise their customers on how to be safe and charge them for it.
I partnered with Clemson University's Center for Corporate Learning and the Masters of Accounting to launch this NASBA approved, 3 CPE cyber security course.
Get better at cyber security, build a new revenue stream for your firm outside of tax season, and get 3 CPE credits?
The number one cyber security risk facing the business owner is that they have incorrect beliefs around cyber risk. So I wrote a book and turned it into a 2 to 3 hour online class.
We address the three core beliefs:
I'm not important and no one is looking for me.
I'm don't have anything anyone would want.
I can't stop them anyway so I'll just be wasting my time, money, and energy.
While geared towards the business owner, the content is important for everyone in the company who uses email or technology.
Copyright © 2018 Adam Anderson CEO - All Rights Reserved.