20 min
106: Remaining Left of Bang with Brad Fraser - CEO of Infoprotect Changing the Conversation: The People in Insurance
-
- Management
How can brokers better advise clients with deficient cybersecurity architecture? What steps can we and our clients take to raise our cyber resilience and reduce the potential damage of an attack?
Businesses that haven’t suffered a cyberattack are in the minority, or alternatively, they simply haven’t discovered that it has happened yet. Infoprotect reports that 51% of businesses have suffered from a cyberattack or breach in the past year alone. In this episode of the Insurance Broker Podcast, returning guest Brad Fraser, CEO of Infoprotect, speaks about how we can improve the cybersecurity scaffolding that is so crucial for our data-centric industry, within our own businesses and those of our clients. In conversation with Boston Tullis’ Sarah Myerscough, he explains that while we are all potentially susceptible to a cyberattack, we need not cower in fear of this possibility. He outlines a straightforward and systematic approach for improving your cyber resilience, without deploying any of the jargon that often makes such advice inaccessible.
Quote of the Episode
“[Left of bang is] a term that was coined by the military, I think in the Iraq War. It's about being prepared and able to protect yourself before the attack happens. Be aware of your surroundings, have a situational awareness, and make sure that you've taken all the steps, because the last thing you want to happen is an attack to take place, and you're not prepared. Then you have to launch into a survival mode and scramble to get everything sorted out, and you suddenly realise, ‘I didn't do the basics. So, it's about situational awareness. When it comes to cyber, it's really around resilience… Just being resilient, and following the steps that can help you be resilient is so important.”
Much of the advice often distributed with regards to cybersecurity is retrospective, and only applicable after an attack has already taken place. Brad emphasises that to truly minimise the risk of such attacks, we must implement an array of systems and procedures by which they can be warded off. He offers a ten-step plan for building cyber resilience, also outlined in a blog on the Infoprotect website linked below, through which both small businesses and large enterprises can assess the state of their cybersecurity and implement measures for improving it. In doing so, you can ensure that your business and your clients can always remain ‘left of bang’ of any potential cyberattack.
Key Takeaways
When you’re putting out fires in your day-to-day work, it’s easy to overlook good procedures for maintaining healthy cybersecurity, and to allow any deficiencies within your digital infrastructure to go unchanged. Such nonchalance is exactly what cyber attackers aim to identify and exploit when targeting businesses.
Brad asserts that we must take a proactive approach to managing cybersecurity and building cyber resilience. He argues that this must begin with a comprehensive risk assessment of your digital infrastructure, thereby establishing a baseline from which your systems can become more resilient to attack.
Data has become the backbone of our industry, and therefore its secure storage and management is paramount. If our data is compromised in a cyberattack, the fallout will not simply be the loss of money and resources attributed to recovering it, but also the reputational damage of having insufficient cyber resilience. Brad argues that good data security is hinged upon several often underexamined areas of cyber resilience:
Asset Management – how is your hardware and software infrastructure built to ensure that systems are impenetrable?
Vulnerability Management – once you have cybersecurity software, are you keeping it up to date? What condition is it in?
Identity & Access Management – who can access the various systems within your business?
Instilling cyber resilience is not about raising hysteria about the prospect of cyberattacks. Rather, once you’ve
How can brokers better advise clients with deficient cybersecurity architecture? What steps can we and our clients take to raise our cyber resilience and reduce the potential damage of an attack?
Businesses that haven’t suffered a cyberattack are in the minority, or alternatively, they simply haven’t discovered that it has happened yet. Infoprotect reports that 51% of businesses have suffered from a cyberattack or breach in the past year alone. In this episode of the Insurance Broker Podcast, returning guest Brad Fraser, CEO of Infoprotect, speaks about how we can improve the cybersecurity scaffolding that is so crucial for our data-centric industry, within our own businesses and those of our clients. In conversation with Boston Tullis’ Sarah Myerscough, he explains that while we are all potentially susceptible to a cyberattack, we need not cower in fear of this possibility. He outlines a straightforward and systematic approach for improving your cyber resilience, without deploying any of the jargon that often makes such advice inaccessible.
Quote of the Episode
“[Left of bang is] a term that was coined by the military, I think in the Iraq War. It's about being prepared and able to protect yourself before the attack happens. Be aware of your surroundings, have a situational awareness, and make sure that you've taken all the steps, because the last thing you want to happen is an attack to take place, and you're not prepared. Then you have to launch into a survival mode and scramble to get everything sorted out, and you suddenly realise, ‘I didn't do the basics. So, it's about situational awareness. When it comes to cyber, it's really around resilience… Just being resilient, and following the steps that can help you be resilient is so important.”
Much of the advice often distributed with regards to cybersecurity is retrospective, and only applicable after an attack has already taken place. Brad emphasises that to truly minimise the risk of such attacks, we must implement an array of systems and procedures by which they can be warded off. He offers a ten-step plan for building cyber resilience, also outlined in a blog on the Infoprotect website linked below, through which both small businesses and large enterprises can assess the state of their cybersecurity and implement measures for improving it. In doing so, you can ensure that your business and your clients can always remain ‘left of bang’ of any potential cyberattack.
Key Takeaways
When you’re putting out fires in your day-to-day work, it’s easy to overlook good procedures for maintaining healthy cybersecurity, and to allow any deficiencies within your digital infrastructure to go unchanged. Such nonchalance is exactly what cyber attackers aim to identify and exploit when targeting businesses.
Brad asserts that we must take a proactive approach to managing cybersecurity and building cyber resilience. He argues that this must begin with a comprehensive risk assessment of your digital infrastructure, thereby establishing a baseline from which your systems can become more resilient to attack.
Data has become the backbone of our industry, and therefore its secure storage and management is paramount. If our data is compromised in a cyberattack, the fallout will not simply be the loss of money and resources attributed to recovering it, but also the reputational damage of having insufficient cyber resilience. Brad argues that good data security is hinged upon several often underexamined areas of cyber resilience:
Asset Management – how is your hardware and software infrastructure built to ensure that systems are impenetrable?
Vulnerability Management – once you have cybersecurity software, are you keeping it up to date? What condition is it in?
Identity & Access Management – who can access the various systems within your business?
Instilling cyber resilience is not about raising hysteria about the prospect of cyberattacks. Rather, once you’ve
20 min