Is your Approach to Cyber Security Limited to a Checklist?


Is your approach to cybersecurity limited to a checklist?

I meet with CIOs and CISOs weekly to discuss their approach to cybersecurity. I often find that IT leadership seems secure in the knowledge that they are working from an established industry framework (such as NIST). This gives them a sense of security and a feeling they are in the safe zone.

Yes, working from established frameworks can be a good starting point to cybersecurity execution. NIST and ISO27001 are robust and a good place to commence the play.


Problems with a checklist approach to cyber security

A checklist approach to security can lead to companies investing in solutions, in isolation. It leads to limited visibility of what they are protecting and what against.

To have maturity in security a company must consider deeply the business it is in, and the level of security it needs. Organisations should leverage frameworks and best practice but not at the expense of their unique business risk profile.

Whilst having a checklist can provide guidance into how to approach your cybersecurity strategy, it is not an umbrella solution that can cater to every organisation. What your organisation requires is a solution that is unique to the needs of your business. A solution that allows for the flexibility to which a checklist does not cater towards.


Evolving your cyber security approach

As the cyber landscape inevitably continues to evolve, so too must your cyber approach. A combination of old threats, such as ransomware, and new threats, such as the internet of things, will come into play, creating additional complexity for CISOs and other C-suite executives to prepare for.

To ensure of this flexibility, make sure your organisation’s approach to cyber security is in line with your organisational requirements, and not a checklist that you found from an article on google.

What is your approach to cybersecurity? Are you following a checklist? Is it bespoke and suited to your firm?


To find out more about our ‘By Design’ approach to cyber security, visit this page, or contact us for us confidential consultation.

Ajay Unni

Ajay Unni is the Founder and Chief Executive Officer of Stickman. Ajay specialises in helping customers manage the growing threat of data breaches and compliance with globally accepted industry standards for data security and compliance. More articles by Ajay Unni

Take charge of your cybersecurity today, with Stickman.

Get in Touch