A top concern is, “do I have a false sense of security?”

what worries cyber executivesIn other words:

  • Are all my controls working properly? Any malfunctions, like a door that doesn’t close all the way on its own?
  • Are any of my controls so overbearing that people are going around them (e.g., using personal email and personal file sharing instead of company services)?
  • Are any of my controls inadequate for the risk I’m trying to manage, like having a good business continuity plan that we never practice?

This line of thinking often leads me to consider myself to be a “professional paranoid person.”

Leave a Reply

three + two =