#3: Get the basics right
You know the drill: use encryption, be careful when using your corporate email account from public/shared computers, and don’t open emails from unknown sources. Getting the basics right is critical, as it will allow you to build an information security infrastructure on a great foundation. Most importantly, however, don’t let taking these steps lull you into a false sense of security.
When research suggests that the top worry for 45% of IT professionals is, in fact, internal, you have another battle on your hands.
Confidence comes hand in hand with capability. If you’re still using out-dated Exchange software, the extent to which you can guard against internal and external attacks is already inherently limited.
With this in mind, it comes as no surprise that confident IT security professionals are more than twice as likely to think that C-suite involvement in email security strategy is “very appropriate” – and 1.4x more likely to actually have that engagement.
In this way, our mistakes and negative experiences are, in fact, an opportunity – as exemplified by the fact that managers with recent, direct experience with an email hack/breach are more likely to have plans to migrate to Microsoft Office 365 in the next two years.
Discard the “if it isn’t broken, why fix it?” mentality: why wait until something goes wrong to implement much-needed change?