It’s a day like any other day. People are working hard, making money for the company, and not worried about any impending disaster. Network security people know better, though. They realize this day could be the single worst day of their professional career if the company’s ystems are breached and customer information is hacked.
So how do IT people handle this burden? Marcus Curley, director of IT at Mountain West
Farm Bureau Insurance, knows he and his staff have to be prepared to respond to any emergency
and realize beforehand what they need to do should an event take place.
“Any IT issue can be the single worst day of your career, but it’s really how you prepare
yourself, your team, and your business teammates around you that
matters for these types of security issues,” he says.
In preparation for such a dark day, Mountain West has developed educational programs, response plans, and initiated table-top
“No one likes to be thrown into the game without knowing any
of the plays, what their role is, or who’s on the team,” says Curley. “Going through these scenarios helps prepare us by building
‘muscle memory’ from running through some of the more probable
possibilities, and aiding us with the dynamic nature of these issues.
Security is a moving and evolving target. You remain vigilant by
surrounding yourself with solid people, teams, technology, and
Preaching the Gospel
Curley describes security as similar to a chain with multiple links. The chain is only as strong as
its weakest link. Technology is one of the links in the chain, but there are more employee links
than technology links, which is why regular education and discussion with employees is critical.
“Our company leaders have an acute awareness of the importance of information security here
at Mountain West,” says Curley. “Communicating the latest threat trends, plans, and roadmaps
for our security—and keeping them prepared for a security event—is extremely important. Since
security is much more than an IT concern, you need to have involvement from your business
leaders to bolster the security on the business side from processes, physical security, training, and
enforcement. If you’re myopically looking only within IT as the source of security and defense,
you’re only doing part of the job.”
Senior leadership at Mountain West understands the consequences and ramifications of being
For those charged with maintaining a company’s
cybersecurity, the worst day of their career could
come without any notice. Are you prepared to
react to that eventuality?
By Robert Regis Hyle