Cyber Risk Management: An Ounce of Prevention

16 February 2017


I recently had the opportunity to walk around the campus of the University of Pennsylvania in Philadelphia. As I was walking around, I noticed that famous quotes from Ben Franklin were inscribed in some of the walkway stones. In case you are not aware, Ben Franklin was the founder of the college and a great thinker, visionary and statesman. One of the inscribed quotes resonated with me due to its relevance in today’s world of cyber security risk management. The quote was “An ounce of prevention is worth a pound of cure.” Cyber security is an overwhelmingly broad concept that most leaders and organizations struggle to understand. Because of this struggle, most of them choose to do nothing and ignore the inevitable reality that they will be the victim of a data breach at some point.

Ben Franklin wrote this quote in 1735 as part of an anonymous letter he submitted to the Pennsylvania Gazette. Although this quote is over 280 years old, the advice is still very wise and relevant. Organizations can invest in trying to prevent a data breach from occurring, or they can pay the substantial consequences of being ill-prepared. The reality is that it is difficult to prevent a data breach 100% of the time, but taking preventative steps will minimize the impact and damage. Organizations that allocate “an ounce of prevention” will find out that it is absolutely “worth a pound of cure.” The pound of cure can come in the form of fines, lawsuits, and brand/reputation damage. These are in addition to the significant post-breach forensic activities and security corrective actions that will be required. Organizations that embrace the ounce of prevention approach take the following actions:

  • Perform an annual cyber security threat identification and analysis exercise,
  • Develop an integrated and comprehensive cyber security risk management program,
  • Perform annual cyber security risk assessments that encompass the 3 pillars (people, policy, and technology),
  • Purchase cyber liability insurance,
  • Regularly practice their response to a data breach.

Ben Franklin was a wise and noted author, scientist, politician and inventor who is known for many famous quotes. One of his most poignant quotes in the context of enterprise risk management was “by failing to prepare, you are preparing to fail.” Organizations that do not invest in cyber security risk management should not be surprised when they fall victim to a data breach. If you would like to find out how you can build your “ounce of prevention” roadmap, please contact COMPASS at 667-401-5108.
