First and foremost you must protect your company from risk of incorrect information, data loss, lost customer information, lost productivity, law suits and governmental fines. However, you must also remember you exist in an interconnected data ecosystem that includes vendors, suppliers, and customers. Within that ecosystem you are only as safe as all your customers and business partners. Any weakness by any of the partners exposes everyone else to possible loss. Remember the CEO and CIO of Target were fired due to an intrusion that originated at a vendor site.
Ask yourself – Are you willing to risk your job and professional reputation because you don’t have the best cybersecurity strategy? Can you stand in front of your CIO, CFO, CEO and Board to assure them that your data is safe? Are you prepared to pay a fine because you had a lazy attitude about cybersecurity? And in a worst case, are you prepared to go to jail because you had not been diligent in preparing a cybersecurity strategy?