The cybersecurity experts agree – don’t become cavalier or lax about security, thinking a disastrous cyber breach can’t happen to you. This is a HUGE mistake – and something the hackers bank on – that we’re easy prey, whether as unwitting individuals or an entire corporate culture in denial. Read Marc Goodman’s bestseller Future Crimes if the experience of having your personal information hijacked doesn’t wake you up!
First, it’s important to assume ALL your email is being read – and with the “hole” in Microsoft Windows 10 announced recently (giving hackers deep access – likely the source of the cyberattack on Gazelles’ Verne Harnish), it’s not a sure bet that you can keep email safe even using VPNs (which are strongly recommended by Harnish since the infiltration of his computer via unsecured wireless network, so use them more diligently when you travel).
Harnish takes the position of Google and is building all his financial and sensitive-information protocols around one assumption – NO email is safe from some kind of cyber exfiltration. You may have heard of the many scams where invoices were intercepted and bank account info was changed – so your payables department thinks it’s paying a regular bill and wires the funds to the wrong account – ugh. One firm was defrauded $10 million this way. Another company was defrauded of $47 million in a similar scam, so the threat is real, constant, and potentially costly to a disastrous degree.
Minimizing the Risk of Corporate Theft
So, what can the average executive or user do to minimize risks like the Gazelles cyber breach and other examples of corporate financial theft? It’s a harsh reality, but ALL financial transactions now should be reviewed by CEOs via a phone call with TWO people. You should also take the time, via CEO Portal (get one if you don’t have one) and use an authenticator like a dongle (key) to OK the transactions.
Make sure NO sensitive info is sent via email – account numbers, credit card numbers, etc. – make a phone call instead. We’ve been lured into a false sense of security surrounded by high-tech hardware, when, ironically, picking up the phone is safer.
Next (and, per Verne Harnish’s own example), make sure ALL bank wire info included on invoices is verified by PHONE with the supplier you’re paying before being entered into your CEO Portal for dual authentication approval. Once it’s in the system, you can then pay that vendor via that account – not hypothetical amounts on a future invoice. And, if they send a change of bank info, it’s verified via a PHONE call to the vendor (verifying the phone number online).
Sadly, 90% of cyber theft is an internal job. So, build your protocols with this in mind as well: TWO people must verify everything. By the way, this is another good use of the daily huddle – to verbally verify information. The short of it? You can’t trust email, no matter what you do.
Coaching Replaces Managing
Harnish’s “constant theme” in 2016 has been that no one wants to be managed anymore — data has replaced management. But, we all need coaching, which is why Harnish believes in SUCCESS Magazine owner and friend Stuart Johnson’s upcoming program he’s created with some of the top players and influencers surrounding Coach John Wooden, one of the winningest coaches in sports history, creator of Pyramid of Success, a complete guide to leading yourself and others to a “championship life”.
Pick the Right Players
A critical element in “championships” is recruiting. Two specific articles/blog posts this week by Scaling Up fans/practitioners provide some excellent details around attracting and hiring the right people. The first is by Sukesh Das, Founder & Chief Editor of hrmanagementleaders.com. He opens with the 3 reasons standard job descriptions end up attracting the WRONG talent, which he nails. Then he goes on to detail the creation of a Job Scorecard along with an excellent example and sample Job Scorecard. The key is including the OUTCOMES you’re wanting this person to achieve. His example greatly helps to clarify the whole process.
Common Language, Common Ground
Outstanding coaches also create a common language to streamline communication. Besides emphasizing the importance of Topgrading in this Forbes article, David Schnurman, CEO of Lawline (the largest provider of online legal education), goes on to detail how implementing a common language completely transformed his growth firm. Specifically:
“The overall consensus is that we have completely transformed by focusing on 3 major areas 1) transparency of information, 2) alignment of departments, and 3) active participation by creating a forum for employees to share their concerns or challenge without fear.”
No doubt part of that openness and lack of fear in the corporate culture of enterprises everywhere will help lead the way to a more unified, secure, and productive workplace, collectively.
Get an IT Security Consultation and Get Secure
If you’re concerned about data security and lack of openness and communication in your organization, get your company network and corporate culture secure with an IT consultation from CITOC, which is a leader in IT security and services. Call us at (713) 490-5000, or email us at email@example.com and we will be happy to help you with any questions or concerns.