All Categories

Your Guide to Brand Development in Cyberspace

2/10/2021

Branding can be perceived as the be-all and end-all when it comes to establishing and scaling your business. On the one hand, for good reason - your brand embodies the experience you want your clients to have and it keeps them connected to you. On the other, the endless hype has given rise to many “quick-fix” branding guidelines that do not provide companies all the answers they need.

While such solutions tend to cover useful basics such as identifying your target audience, establishing your mission and creating your elevator pitch, they also remain on surface level.

Research shows that there are 12 identity elements, which constitute the key success factors of growing your brand in cyberspace. Awareness of your identity composition connects you with the depth of your business values and helps build a strong foundation for shaping your brand. This process - from uncovering your identity components to strategically applying the newfound awareness in your business communication - is combined in the Cyberpower Brand Framework.

Below, we unpack the layers of the framework and highlight the importance of reaching identity awareness before starting to implement the basics.

Starting with Identity Awareness

Your identity forms the core of your business and all your interactions. Your unique identity composition is made up of the elements you activate the most and the ones you activate the least. Both categories present opportunities to sharpen your brand strategy and refine your business marketing directions.

Maximising your most active identity elements or tapping into the least activated ones, can help specify new audience segments and improve your messaging. For example, a consultant who has thus far targeted startup founders, could find out that their identity better aligns with a narrower audience of female founders instead of a wider mix. This knowledge helps sharpen brand messaging and curate content for a specific audience that can derive greater value out of the provided products or services.

By becoming aware of your unique identity composition, you can make informed decisions around your strategic positioning and the narrative of your brand. Moreover, this supports authenticity and a consistent communication style, stretching from the core of your business to the messaging that reaches your wider ecosystem.

Safeguarding Your Digital Assets

But beyond the content-side of your brand, making a promise of digital security and privacy is now becoming the gold standard of business, as most of our interactions have moved to cyberspace. The measures and behaviours that fall under this promise can be summed up with the term cybercapacity.

Most SMEs, solopreneurs and freelancers do not prioritise investing resources into the development of a strong cybercapacity foundation. Unfortunately, this is often linked with the misleading belief of many small businesses around being “too small” or “insignificant” to fall on the radar of malicious cyber actors. But the size of a company does not provide protection from any cyberrisks. In fact, the likelihood of small businesses having a weaker cybercapacity can be a good enough reason for becoming a target.

Furthermore, risks in digital space also stretch beyond the common understanding of a cyberattack initiated by a hacker. For example, without an appropriate backup system and routine, you may lose valuable client material as a result of a technical accident with your computer that happens on your own accord. Seemingly small aspects of our own behaviour can put the digital integrity of our assets and interactions at risk.

With the right guidelines, however, implementing basic cybercapacity measures and behaviours is not as complicated as it may seem. Positioning this as the foundation of your brand, especially if most of your interactions have become digital, is a valuable investment of your time. It ensures that the powerful story that you brand can become remains protected from the inevitable cyberrisks that are evolving by the day.

To get started with the first steps of building your cybercapacity, check out our free Cyberpower Challenge:

Cyberpower Challenge

Developing Your Brand Communication

According to the Cyberpower Framework, the two components of uncovering your core identity and safeguarding your digital assets form the foundation of your business and all your interactions. Once you have reached a level of awareness around your identity and established a strong protective cybercapacity shield, you are ready to develop the rest of your brand communication.

By starting with these two components, you ensure that you can radiate authentic values as well as digital trust through all layers of interaction.

Quick fixes have the merit of ticking the boxes of basic brand components individually. But a comprehensive framework brings these together strategically and helps establish a captivating brand, while laying out a path towards sustainable growth. Before filling the separate rooms of the house that is your brand, it is worth laying a sturdy foundation in order for your brand to withstand the test of competition and support the growth potential of your business.

Interested in exploring further?
Check out the free taster package for the brand identity tool here.

Or schedule a conversation to discuss how the Cyberpower Brand Framework can best benefit you:

Schedule Free 20-min Strategy Session

Maintaining Momentum: Securing Your Business’ Cloud Journey Benefits

1/12/2021

By Priya E. Abraham

Third in a series of three articles on SME cloud migration.
In the first two articles of our cloud migration series, we focused on why cloud migration presents a lifeline for SMEs and how to get started with the journey. Our last edition highlights the considerations for maintaining momentum once your cloud journey has taken off.
To secure the benefits you seek to gain from moving to the cloud, your cloud strategy should factor in an adjustment period, following the success of the technical migration stage. This transition period aims to maintain the momentum gained during the cloud journey and ensures that your business secures the benefits cloud has to offer. One of the primary foundations for this momentum is formed through your organisation’s cybercapacity, which is reinforced through a privacy-first culture.

Strengthening Your Team in Cyberspace

For many SMEs, a limited cybercapacity is one of the underlying obstacles in the way of maximising the benefits of the cloud, and cyberspace at large. The cybercapacity concept can be viewed as an umbrella covering all the components you need to safeguard your business in cyberspace, spanning issues involved in cybersecurity and privacy.

Chief Information Security Officers, or CISOs, have often disclosed to me that many team members are even unaware if the software they use is hosted in the cloud or on premise. This is directly connected to our advice in the previous article - to identify a potential skills and knowledge gap and develop an employee training plan to address it during your cloud journey process. Follow up on the training and monitor your team’s progress for a defined period of time after the technical migration has been completed.
What should your team’s cybercapacity training entail? We suggest going back to the basics and embedding this into the wider context of your cloud strategy. For example, map out the “before and after'' changes that cloud migration will bring for you and your team. Shine a light on the implications for their daily tasks. Which safeguarding behaviours should your team keep in mind and why?

The development of your organisation’s cybercapacity entails a change in mindset on cybersecurity and on privacy, which requires a better understanding of the topic at hand. For actionable advice on first steps, check out our article on building digital trust, which dives deeper into the topic of cybercapacity building.
Migrating to the cloud requires that organisations build capabilities to mitigate cyberrisk caused by human behaviour, as well as reducing opportunities for cybercriminals to exploit human weaknesses. Behaviour change and an effective workplace culture is an iterative process. Revisiting the basics of your cybercapacity on a regular basis is one of the most valuable long-term investments you can make to strengthen the future of your business. Raised awareness of our behaviours as well as developing our own cybersecurity and privacy should be an integral element of the workplace culture.

Transforming into a Cybercapable Organisation

Transformation of the workplace culture is vital for a successful journey to the cloud. As we established when looking at the human factor of cloud migration, it all starts with change enablement and empowering your networked team employees to adopt new ways of working.
One of the ways of approaching this cultural change is by seeking to establish a privacy-first culture. This entails a reciprocal process among leaders and teams and considers how the technical and human capabilities related to identity come through in digital collaboration. Your cloud migration presents an opportunity to better conceptualise your team’s digital interactions, the process of which goes a long way in securing the benefits available in the cloud.
If you’re interested to find out more about the essence of building a privacy-first culture, check out another one of our articles, where we take a further look into what the process entails.

Culture is not automatically built - it is enacted through people’s identity. This is specifically so, when it comes to remote teams, which many organisations have become during the COVID-19 crisis. So what can leaders do to create and sustain a privacy-first culture from afar? It starts with digital trust. It takes an intentional and continuous effort to role-model and foster cybersavvy behaviours to build and maintain digital trust among the team and with clients.
When your organisation is successful in empowering change in culture, you’ll be able to enjoy the many benefits of cloud migration while minimising – if not fully eliminating – its dark side and thereby maximising the bright side. A successful journey to the cloud, can be recognised when all the technical pieces start to fall into place within the context of a wider culture shift.

Looking for personalised guidance on increasing your company’s cybercapacity or aligning your communication with your company’s brand identity?

Schedule a conversation with us

or check out the

Cyberpower Academy offerings

to get ahead.

Subscribe to newsletter

Transforming Your Business: The Human Factor in Pursuing a Cloud-first Strategy

12/12/2020

By Priya E. Abraham

Second in a series of three articles on SME cloud migration.

In the first article of the SME cloud migration series, we established the benefits of the cloud-first strategy. In our second edition, we proceed to move from the why to the how.

The increasing adoption of cloud-based solutions means that the internet is full of handy suggestions for the tools at the disposal of small businesses. For a recent overview, we’d suggest Techradar’s list of best small business software for 2020 as well as our own suggestions for secure remote tools from the beginning of the year.

The less talked about cornerstone of a successful cloud journey, is nonetheless the human factor in addition to the technical.

Human Factor in a Successful Journey to the Cloud

This comes down to transformation enablement - guiding your enterprise, its networked team and management, through the process of adapting their work behaviour in order to adopt new ways of working.

One of the main reasons behind the complexities of cloud migration is the lack of transformation enablement within the organisation which starts well before the adoption of new technology. Transformation enablement is a continuous process, which assists your organisation by defining more efficient ways of working and in proving the value the migration will bring to your team.

For instance, if an organisation wanted to encourage the adoption of a new cloud service, it might first communicate the purpose and benefits of the cloud service to its networked teams and management through internal project marketing. It might then pursue training and further education with the people development team and only then develop an external communication strategy with the assistance of its marketing team. On the technical side, it would develop a Proof of Concept (PoC), which would outline the advantages of the migration to the technical team and gain buy-in from decision-makers.

Consolidating Your Transformation Enablement Action Plan

To ensure success in adoption of any new cloud project, decision-makers must be organised and communicate their needs effectively with their team. Here is a quick preparation list for decision-makers to keep in mind when collaborating with the transformation specialist:

Sharpen the cloud strategy. Develop guiding principles for your enterprise IT cloud strategy. Analyse the key people involved in the journey across departments and support a common understanding of benefits from the cloud roadmap and support process to reach management buy-in.
Align with your brand identity. Make sure your internal and external communication with regard to the goals of your cloud migration strategy is also aligned with your unique brand identity.
Engage the key people involved. Assign them as transformation agents that can disseminate the message in the organisation.
Develop a common cloud glossary comprehensive for non-techies. It is important that everyone throughout the organisation can refer to the same terminology and speak the same language.
Analyse the impact of the cloud strategy on existing job roles. Everyone on the team should be aware of what to expect.
Describe potential skill gap. Develop an employee training plan to meet this gap. Identify relevant skills for future cloud operations.

Cloud migration, as any other substantial procedural transformation, requires getting every member of the enterprise on board with the project. Besides the technical how-to, it is therefore just as important to consolidate a strong internal strategy to ensure success in your cloud migration journey.

Get in touch to further explore how this applies to your business specifically:

Schedule a conversation

Subscribe to Newsletter

Scaling Your Business: Digitalisation and a Cloud-First Strategy

11/11/2020

By Priya E. Abraham

First in a series of three articles on SME cloud migration.

Many SMEs embody enormous growth potential. Yet in our line of work, we often witness the struggles that hold growth back. The underlying pain points are usually related to:

Challenges with integrating new technology
Tackling persisting security concerns
Being stuck in manual, and thus highly time-consuming processes.

The key to counter these issues lies in digitalisation enabled via the cloud. The growing availability of cloud-based solutions means that SMEs have more opportunities to scale their business than ever before. Although “cloud” has been the topic of the decade for a while, its benefits, migration strategies and maintenance is still a confusing terrain for many.
In order to clarify the landscape, let’s start from the beginning - why cloud? The answer, as you will see, boils down to scalability.

Transform the elasticity of infrastructure

On a technical level, cloud represents an elastic form of infrastructure - the opposite of any physical servers or data centres. This elasticity comes to life, for example, through the possibility of quick (and, if necessary, short notice) changes in storage or network capacity, in line with business needs.

SMEs are often in the process of strengthening their footing in their industry landscape. In circumstances, where a business might see a sudden increase (or decrease) in the number of users or sales, changes need to be made quickly. Many companies experienced this during the COVID-19 crisis, where some saw a sudden increase in users (e.g. e-commerce platforms), with others needing to downsize (e.g. airlines). Outsourcing such capacity to a cloud service provider ensures flexibility to meet the demands of external forces.

Smart cost reduction

Elasticity through digitalisation also ensures the freedom to pursue smart cost reduction. With the option to make changes in accordance to business needs, the company’s operational costs can be matched with relevant usage at all times.

Beyond that, cloud services simply eliminate the costs of setting up and running a physical data centre of your own. Digitalisation through the cloud, helps outsource such an immense task to an external provider, for whom this is a sole responsibility. Cloud service providers usually charge on a flexible monthly or annual basis, which helps business leaders plan and optimise costs accordingly.

Easing the weight of security concerns

Security has been one of the main concerns with regard to cloud migration. It could however be argued that for SMEs, cloud helps tackle major security questions rather than create them. By today, providers tend to have better security systems than what small businesses have installed in their on-site data centres.

A major disclaimer is nonetheless necessary here. Cloud service providers’ security guarantees are only effective in combination with a strong baseline of the business’ own cybercapacity and ability to audit the provider. This means that your company must adhere to basic cyberhygiene measures, strengthen your cybercapacity and have secure systems in place in order to fully safeguard the company. SMEs are therefore still responsible for auditing the trust placed in the service provider.

Agility to enable remote and foster innovation

Once you have successfully implemented your cloud-first strategy, you have established a solid foundation upon which true innovation may flourish. Cloud ensures location-independent accessibility, where data and applications are available at all times. This paves the way for building remote teams and thereby tapping into a whole new world of talent.

We have also seen that cloud migration inspires employees and teams to think about their jobs from a different angle. They start seeing possibilities in their work processes that were previously consolidated within more rigid systems. Availability and flexibility tends to lead to more effective collaboration, which in turn fuels creativity.

Digitalisation as a lifeline

Cloud therefore ensures scalability not only through technical infrastructure but also by empowering your team. Business landscapes are changing faster than ever before. The adoption of a cloud-first strategy is becoming crucial, in order to be able to simultaneously adapt and grow in these circumstances. Cloud is no longer a luxury for large enterprises, but a lifeline for SMEs.

Next up in the series: How to start your cloud migration journey?

Get in touch to further explore how this applies to your business specifically:

Schedule a conversation

Subscribe to newsletter

Leveraging Remote: How Business Leaders Can Rise to the Occasion

10/12/2020

Priya E. Abraham

The buzz around the words “remote work” has become a lot more prominent after the COVID-19 pandemic disrupted our previous understandings of “normal.” The world has however been moving towards remote work for already some time. Are business leaders ready to rise to the occasion and leverage this challenge?

The strong social momentum for working outside your home has its roots in the industrial revolution. The 1900s saw the beginning of the rise for what we now know as the “9-to-5, modern office routine.” Nonetheless, ever since the dawn of the first personal computers and the development of greater connectivity, we have slowly been moving in the opposite direction.

Previously, the trend has perhaps been slowed down by the concerns for employee productivity and negative impact on company culture. Indeed, even with the brief “return to the office” that many countries experienced/are experiencing, the same concerns saw daylight yet again. But what we witnessed in March, is still seen as the tipping point in the remote work trend. Hundreds of millions of people were sent home to work in the matter of a few days and weeks – with no long-term preparation nor transition period.

Although we are now seeing attempts of a slow return to the office, followed by a retreat back home, for many business leaders around the world, the past six months have opened their eyes to a new world of work.

The Truth About the Real Obstacle of Remote Work

The struggles around remote work are manifold. As with many things, so are its benefits. Let’s start with the first. The number of self-help articles on “Tips for working from home” represent how often these struggles are expressed as personal ones – ranging from motivation to the creation of personal routines. It is true that with such a transition, personal struggles and adjustments will definitely play a big role.

Nonetheless, when it comes specifically to remote work and its impact on the company, we should actually start from the company perspective. If employees are struggling to get their work done effectively, if team productivity is taking a hit or if “company culture” is seemingly no longer existent – the problem is that the company has not yet become a mature remote business.

The idea that your company can progress as a remote business illustrates that after overcoming the initial struggles, you can seize a whole new world of opportunity. This brings us to the benefits. Becoming a company that acknowledges the value of remote work illustrates a degree of flexibility that is crucial in surviving the unpredictable turns that the modern world presents. Even outside times of crisis, we are operating in an extremely fast-changing environment. Being ready to accommodate different employee needs and changing circumstances, adds to the success of a modern business.

Assessing Your Remote Business Maturity

So, how do we go about increasing remote business maturity? This can be operationalised in the Remote Business Design model, which illustrates how businesses evolve.

This model helps assess a company's stage of remote readiness. It also provides a basis for your business to progress through the five levels from physical manifestation to a virtual organisation, outperforming traditional businesses. The further your business goes on the remote maturity stages, the more important cybercapacity – comprising cybersecurity and privacy - becomes.

Depending on the digital maturity and available resources many vacancies, which have traditionally required a physical presence, are also innovating. It appears that in the future, physiotherapists can, for example, benefit from physiorobots for the initial mobilisation of patients. Or hotel check-in staff can benefit from self-check-in or even welcoming robotic creatures to replace their physical presence. The world is indeed changing, but for now, our focus remains mainly on the companies, for which going fully remote is already a possibility.

Stage 1 - Ignore: The starting level is where many companies were situated before March – business leaders were resistant to remote trends due to a lack of trust and digital capacity. Hence, there was little to no deliberate effort to go remote. This stage is characterised by working structures, where work happens on company equipment, in company space, on company time. Employees do not have remote-friendly tools at their disposal and may have to use clunky IT-systems to access basic work resources like email or their daily calendar.

Stage 2 - Unfreeze: The second stage could be described in terms of the events following the initial shift to remote in March. Companies accepted that work is going to happen at home for the foreseeable future, yet denied that this means deeper structural changes. With hopes and attention on the end of this pandemic, many companies chose to simply replicate their office flow in a “remote” setting, mostly leading to fatigue and poor results. Adoption of tools like Zoom or Microsoft Teams was carried out, but everything remained synchronous. Everyone had to be virtually present during all traditional “work hours” and employees’ working days were often full of interruptions.

Stage 3 - Experiment: Fortunately, some companies also found themselves progressing to further stages. This can be described by the recognition that their current state is an unproductive replication of the physical environment and that effort should be put into better adjusting to the new circumstances. This requires making actual changes, which can nonetheless, at this stage, be described as random and fragmented. Business leaders may start to invest in better equipment — from a good chair to solid audio gear — and may try to create more robust asynchronous processes in order to replace meetings.

Stage 4 - Align: When the beneficial results of those early investments start to appear, this is when the company progresses to stage four - the sweet spot. This can be described by processes going mostly asynchronous, giving everyone the space they need to produce their best work. Leaders evaluate people’s productivity by what they produce, not how or when this is done. Trust emerges as the glue that holds the entire operation together. Leaders begin shifting to better and more deliberate decision-making, and they empower everyone to weigh in on major conversations.

This stage is a crucial one. It is at this point that the transition from stage one to increasingly more advanced stages starts bearing the most fruit. It can be characterised by:

An increase in team members’ retention
Investment in effective and needs-based online training and coaching
Remote working setups become superior to any office location
Real-time meetings present an opportunity for team quality time and are therefore respected and taken seriously
Meetings have clear agendas and pre-work or post-work
Differences in time zones are being managed with ease

All in all, this is when the truly diverse team feels included and valued.

Stage 5 - Actualise & Maintain Momentum: The last stage represents the vision for your organisational culture, which is to remain in continuous definition and redefinition processes. Stage five is when your company consistently performs better than any in-person business could by being effortlessly effective. It’s when everyone in the company has time for wellness and mental health and when everyone brings their best selves and highest levels of creativity to do the most valuable work of their careers.

As mentioned above, at this stage of maturity, cybercapacity is the most important out of all other stages. Only with a strong foundation of tightly secured processes is your business able to thrive with remote work.

On top of that, we must recognise that this process requires continuous renewal. If we accept that the world in which we operate is in a continuous state of transformation, we should also accept that once we reach a certain stage, there will be new circumstances which will require us to adapt again.

Leveraging Remote Opportunities

When you progress through the five stages of becoming a truly virtual organisation, you begin to perform better than any in-person company. In our constantly changing world, this is a genuine opportunity. This stage of success is reached when your business processes are fully digitalised, the cybercapacity of your team is fluent and collaboration takes place with ease.

The overarching valuable impact of reaching the final stage is not only remote work focused. It also means that as a leader, you have created the conditions, in which everyone in your company has time for themselves - their wellness and mental health as well as their personal life outside of work. Even when things “return to normal,” the effects of building up a remote business will carry on into any other circumstances. This is because at its core, remote work is about flexibility and leveraging the tools we have at our disposal.

Maybe some people prefer to get some office time for various reasons and prefer a “return” once that is possible again. But given the flexibility of your business design, this means that the needs of every single person in your team are considered. Inclusion in such form can only be of benefit for your business. When your people are able to bring their highest levels of creativity and presence to deliver their best work, they delight your clients and help grow your business.

As an entrepreneur, you will repeatedly experience times of crises. Unlocking a remote work culture, which is tightly based on a strong cybercapacity and reflected in your brand communication is vital for business continuity in times of disruption.

Get in touch to further explore how this applies to your business specifically:

Schedule a Conversation

Subscribe to Newsletter

Password Management: Protecting the Keys to Your Digital Assets

9/12/2020

By Priya E. Abraham

Cracking simple and common passwords, such as ‘123456’ or ‘password’ literally takes less than a second. With the prevalence of such passwords, it is no surprise that this has become one of the most common ways for hackers to gain access to your digital assets.

This is important for you, as a business leader or a remote worker, because such methods easily pave the way for identity theft, financial fraud and data breaches. This is especially true, if you are working with a geographically dispersed team or network of clients. That’s why the basic requirements for password security have become so widespread:

Passwords need to be strong - complex and consisting of at least 8 characters such as letters, numbers and symbols.
Passwords must be regularly updated, in order to protect yourself in case your data has been part of a data breach.
Passwords must be safely stored and not blatantly shared via accessible channels.

While important, this traditional sequence of advice tends to be counterproductive in achieving sustainable password security and effective behavioural change.

Why? Consider this: Almost every large organisation routinely requires their employees to change their passwords. Employees, whose main tasks and competence may be connected to human resources, marketing, project management etc. Naturally, what these employees do not focus on among their daily responsibilities is cybersecurity. When this time of the updating cycle comes around, they are presented with the same requirements.

Without effective training, these employees are therefore also likely to be lacking the acknowledgement of the actual impact of password security. This means that due to the inconvenience that yet another routine password change creates:

they end up creating passwords that are easy to remember (and therefore easy to crack)
these weak passwords will subsequently be stored in an insecure manner - in post-it notes on their desk or notes on their computer
the employees will be further alienated from the core reasons behind password security

So when it comes down to the statement, “humans are the weakest link in cybersecurity” - password management is one of the most relevant examples of its application, especially when it comes to remote work. Our online accounts hold more critical data about us than ever before. And if the keys to this data are weak or easily hacked - so is your identity, financial details and much more.

Advice that works

As a business leader, you may therefore ask - if the traditional guidelines for password security do not work, what does? Perhaps we should reorder this advice. Instead of making your team reset their password every 3 months, let’s make the overarching goal: creating a sustainable password management system.
By today, we have a great selection of password management software to choose from. This software enables encrypted and secure password storage, effective methods for access sharing as well as helps you generate secure passwords in accordance to proven requirements. An effective system benefits you and your business by:

Helping you and your team avoid the stress of inventing secure passwords
Removing the burden of needing to remember all the passwords to various online accounts
Allowing you to establish an effective and sustainable routine for regular updates
Eventually protecting you and your business from becoming victim to an inconvenient and costly cyberattack.

For practical password management tools and a list of trusted online providers, check here what suits your needs best:

Risks to acknowledge and dodge

As awareness around password security increases, it is logical that browsers and other online tools are trying to catch up, integrating and simplifying user experience. You may have noticed that many browsers are now suggesting secure passwords and their storage upon a new password setup.

This seems like a modern and definitely comfortable solution. But browser-based password storage comes with its risks and we would not recommend this approach.

The reason behind this is the following: If you opt in for browser-based password storage, your browser will store a database of your login information. This database is often unencrypted. If a hacker were to gain access to your computer or your browser - which is easier than you may think - they have access to ALL your logins at once.

If you opt for the option of encrypted password storage on your computer, your passwords would be encrypted and protected by your chosen master password and inaccessible by your browser.

For step-by-step guidelines on how to remove passwords from your browser, check out this resource by University of Iowa.

Make it a team effort

When it comes to business security, password management has to be a team-wide effort - even, and perhaps especially, if your team is working remotely. A personal password management system is easy to achieve - it only requires your own will and subsequent behavioural change. But if only a few members of a team follow effective guidelines, the security of your business is still at risk.

Cybersecurity is often seen as a luxury topic. Commonly, it tends to become a priority when an attack or “close call” has already taken place. All we can say to that, is we suggest you make it a priority ASAP. After the initial time investment, you will be left with an effective password management system that will also help you save time in the future.

As much as possible, especially in SMEs and other small teams, this system setup should include the whole team. We recommend setting up an hour-long meeting time with your team in the near future to go through the initial setup process - from acquiring the software to agreeing on basic principles and a personalised password update process.

No doubt this requires behavioural changes and therefore a little bit of commitment, but the resulting security is worth it. If you’re looking for more actionable advice on creating a sustainable password management system and perhaps a step-by-step guide, check out Day 2 of the free Cyberpower Challenge here for more information.

Once you’re ready to take the next steps to upgrade your cybersecurity, check out our other offerings on the Cyberpower Academy and stay tuned for our upcoming course on Assembling Your Cybersecurity Toolbox.

Subscribe to Cyberconnecting newsletter

From the Inside Out: Ensuring a Successful Cloud Migration for SMEs

8/12/2020

By Priya E. Abraham

As cloud computing is now the new norm for enterprise IT, SME owners and their networked teams have to strategise in order to win their journey to the cloud. As Gregor Petri, Vice President Analyst at Gartner has noted, CIOs must develop a formal strategy to assist placing individual cloud decisions in the context of the company’s strategic goals.

But often, the benefits and costs combined with the immense pressure to jump on the cloud bandwagon are outweighed by the security challenges involved in migrating customer's private data to the cloud. With the global shifts we are seeing now, moving to the cloud is however becoming increasingly vital.

Another less-talked about but much greater challenge exists however, in mindset. Organisations migrating to the cloud have a tendency to focus on the technical with complete disregard for the culture of the organisation.

The Dark Side of the Cloud

Let's take a step back and review the traditional advantages of migration to the cloud: easy access to updates, scalability, significant reduction in time and cost, automatic downloads, and process optimisation. Not to mention the consequences involved if enterprises choose to remain 'on premise': higher cost, lack of agility, and being perceived as lacking innovation.

Then there’s the double-edged sword: there are many customers, who don’t trust organisations which move their data to the cloud. At the same time, agile customers demand fast and innovative services and don’t care if their data sits in the cloud or not.

How can the Migration to the Cloud be Both Smooth for SME Leaders and Satisfy Customers?

To answer this question, I would first pose the question: What do we mean when we talk about the importance of culture of an organisation? From my experience working with enterprises and startups, I would describe it as the human factor, a dynamic process created and recreated by interactions amongst and between leaders and their networked teams, including employees and freelancers and, specifically the trust between the different parties. Migrating to the cloud involves trust not only in interfacing data and networked teams but also trust between all of the employees within an organisation.

The challenges related to trust in the journey to the cloud might include:

violation of the confidentiality and integrity of the data
security of the infrastructure and architecture
non-compliance with a national or international regulatory body
reputational risk in case of a data breach
trust issues with the subcontractors
bankruptcy of the provider

Beyond the listed challenges, neglecting the necessary organisational transformation by not taking into consideration the mindset of the employees and management can cause massive delays, which in turn, result in an increase in cost and a huge risk to the reputation of the decision-makers.

Ensuring a Successful Journey with Change Enablement

So, how do you ensure your organisation's successful journey to the cloud? The answer lies in change enablement, which essentially, is enabling your enterprise, its networked team and management, to adapt their work behaviour in order to adopt new ways of working.

Many have privately lamented to me: “migrating to the cloud is so complex and daunting for us and the team, we would not even know where to begin." The reason for this is a lack of change enablement within the organisation which starts well before adopting new technology to your enterprise. Change enablement continuously assists your organisation by constantly defining more efficient ways of working and in proving the value the migration will bring to your team.

For instance, if an organisation wanted to encourage the adoption of a new cloud service, it might first communicate the purpose and benefits of the cloud service to its networked teams and management through internal project marketing. It might then pursue training and further education with the people development team and only then develop an external communication strategy with the assistance of its marketing team. On the technical side, it would develop a Proof of Concept (PoC), which would outline the advantages of the migration to the technical team and gain buy-in from decision-makers.

Sharpen the cloud strategy. Develop guiding principles for your enterprise IT cloud strategy. Analyse the key people involved in the journey across departments and support a common understanding of benefits from the cloud roadmap and support process to reach management buy-in.
Align with your brand identity. Make sure your internal and external communication with regard to the goals of your cloud migration strategy is also aligned with your unique brand identity.
Engage the key people involved. Assign them as change agents that can disseminate the message in the organisation.
Develop a common cloud glossary comprehensive for non-techies. It is important that everyone throughout the organisation can refer to the same terminology and speak the same language.
Analyse the impact of the cloud strategy on existing job roles. Everyone on the team should be aware of what to expect.
Describe potential skill gap. Develop an employee training plan to meet this gap. Identify relevant skills for future cloud operations.

Understanding the Impact of Cloudification on Processes

Remember that at the end of the day, the technical IT project is merely the vehicle of your digitalisation journey. Before delving into the technical details needed to pursue the migration, you should develop a Proof of Concept (PoC). PoCs are typically implemented in one business unit or in one geographic region to illustrate the advantages of the journey in a low-risk way, to learn from the experience, and to gain the necessary buy-in from decision-makers as well as disseminate the message across the organisation.

Think of it as a way to harvest low-hanging fruits after the implementation of the project.

The PoC should include documentation on the impact of current processes and tools, describe the interfaces between IT functions, the impact on operations, governance and sourcing, and define the billing and cost distribution model. Providers must also present documentation that meets the industry standards. In contrast, most providers' platform-driven business models only offer high-level hyperlinked pieces of information on compliance required by the decision-makers in the legal departments of enterprises for a thumb-up to migrate to the cloud. In the highly regulated financial services industry FSI, for example, the fragmented style of presentation of much needed legal details is insufficient.

Cybersecurity + Privacy = Cybercapacity

Change enablement also requires tackling some underlying obstacles of many organisations - a smaller cybercapacity. Chief Information Security Officers, or CISOs, have often disclosed to me that many employees are even unaware if the software they use is hosted in the cloud or on premise. That’s a concern that spans issues involved in cybersecurity and privacy.

Migrating to the cloud requires that enterprises build capabilities to mitigate cyberrisk caused by human behaviour, as well as reducing opportunities for cybercriminals to exploit human weaknesses. Raised awareness of our own behaviours as well as our own superior cybersecurity and privacy should be an integral element of the workplace culture.

This includes a change in mindset on cybersecurity and on privacy – in essence the development of your organisation’s cybercapacity. You’ll need to analyse the skill gap, develop an employee training plan to meet this gap, and identify relevant skills for becoming cybercapable.

Transforming into a Cybercapable Organisation

Transformation of the workplace culture is vital for a successful journey to the cloud. It all starts with change enablement and empowering your networked team employees to adopt new ways of working. Gaining buy-in from decision-makers through internal communications and a PoC is key. When your organisation is successful in empowering change in the culture, you’ll be able to enjoy the many benefits of cloud migration while minimising – if not fully eliminating – its dark side and thereby maximising the bright side.

Looking for personalised guidance on increasing your company’s cybercapacity or aligning your communication with your company’s brand identity?

Schedule a Conversation with us

or check out the

Cyberpower Academy offerings

to get ahead!

How to Safeguard Your Assets Through Simple Behavioural Change

7/14/2020

By Priya E. Abraham

One of the biggest advantages of working remotely is the unprecedented amount of freedom. You can work from almost anywhere that you are able to take a laptop or digital device. The world is truly your workplace. But with this freedom comes greater responsibility for the cybersecurity of your business and the privacy of your customers.

In the post-digital age, with more than 1 billion data breaches in 2018, we’ve seen that the technology-only cybersecurity solution provider has clearly failed.

So then how can remote workers ensure that their business is protected at all times against data breaches and guard the privacy of their customers? And how can team leaders ensure that their remotely working team has the necessary capabilities for a secure workflow?

Human Behaviour as the Weakest Link

At the end of the day, it’s not technology that can be blamed; it’s human behaviour. We are the weakest link in this game. The upside to this is that as an individual, there are data and privacy strategies that include daily actions and behaviour entirely within your control. These will allow you to reclaim your cyberstrength and boost your cyberpower while ensuring your customers and team that they can trust you with their data and information.
Here are a few of these behaviours you can easily implement for your business:

Use strong and unique passwords in addition to a Virtual Private Network (VPN). Although you shouldn’t use public WiFi if at all possible, remote working sometimes makes this impossible. A VPN can increase the safety of your public surfing by allowing you to surf the web anonymously and securely from anywhere, keeping your customer’s data private and ensuring it is safe from cybercriminals and hackers.
Think twice before posting anything on social media as it can be used for social engineering and data breaches. If you want to use social media that have better privacy agreements than Facebook, like Twitter or Reddit, consider having accounts that are anonymous and private and don’t provide personal information about yourself.
Provide internet service providers (ISPs) with the minimum information possible. The only way to ensure that they don’t leak your data is if they don’t have it. In addition, you can take extra steps to stop your ISP from tracking you: use HTTPS, using VPNs that don’t log your online access, adjust your DNS and use an anonymous browser such as TOR or Brave.

Staying Safe and Secure while Going Remote

For remote workers and solopreneurs, digital safety and security on-the-go is of utmost importance. Here are a few tips for ensuring safety whenever you are on-the-go:

Ensure the security of your digital tools - With conducting your work remote and on-the-go, it is important to pay attention to the digital tools you use to get your tasks done. Unfortunately, more often than not, the most popular tools that people gravitate towards may not be the safest choice. For more tips on this, visit our guide to making wise decisions when assembling your digital workspace.
Create regular backups – If you want to be prepared in the midst of an attack, you’ll need to have ready all of the latest work you did for clients. If you regularly backup your work, you’ll never be in a situation where you have to pay ransom to a hacker or an exorbitant fee to an expert to de-encrypt your data. Either use a cloud service or an external disc to save these backups.
Use `Find My Device.’ This is an Apple feature that can locate your device if it is lost, misplaced or stolen. Windows and Android have similar features as well. This only works while your device is online, however. If it’s offline you can still put it in lost mode, lock it or erase it remotely.

Reclaim Your Cyberstrength and Boost Your Cyberpower

Combining tech solutions with adjustments in human behaviour are the most effective ways to safeguard your business. Ultimately, the data and privacy strategies you choose as the head of cybersecurity of your business are your choice and your sole responsibility. Develop the cyber self-awareness you need to become resilient to attacks or data breaches, and you’ll have greater trust from your customers that their data is safe wherever you are in the world and no matter what the circumstance.

To support these choices and the required behavioural change, our Cyberpower Academy invites you to accept the free Cyberpower Challenge! Three days, three cyber behavioural changes, all for less than a 20-minute time commitment per day.

Join Cyberpower Challenge for free

How to Securely Build a Remote Team in The Era of COVID-19

6/12/2020

By Priya E. Abraham

Growing your business in the modern digital economy is an exciting task. You have a lot of freedom to select from a vast pool of talent offering their expertise on remote work platforms or through your network.

With effective and established onboard and offboarding best practices, these freelancers make a significant contribution to the success of your business. Onboarding is not solely about getting a freelancer started on a project. It’s also about connecting freelancers with your brand, culture, and connecting them with the team which helps them feel valued from the beginning.

Freelancers face a challenging balance of delivering a valuable work product, while working independently as an outsider. When they get out of sync, errors may increase and project results may suffer. A strong onboarding process, an understanding of your company values, and clear guidelines helps keep them in sync from day one.

Onboarding

Making the collaboration a success requires you to have an understanding of the components that make up your interaction with the freelancer. On a general level, these could be categorised under: your business, your project and your cybercapacity.

Your business
This category entails providing a comprehensive introduction to your brand and company culture. Taking the time to connect the freelancer with the team ensures that they are prepared to work in sync and feel like they are providing value within a larger collective, despite the physical distance.

Ensure that the freelancers you hire do not put your valuable client data at risk. Especially as you have worked hard to build and radiate digital trust - to win clients and develop a competitive advantage. One way to do that is through the establishment of a privacy-first culture, which we go more in depth with in our previous article.

Your project
Help the freelancer get up to speed faster and understand expectations by providing project documentation that shows the scope, research, and other relevant information. This aligns your visions and helps the freelancer ask clarifying questions before diving in. In addition to project background documentation, you may consider including:

Relevant internal documents the team currently uses
Related project samples
Project expectations, deliverables, timeline, and payment schedule as well as performance indicators.

You may want to give the freelancer a list of programmes and applications, so they can make time to familiarise themselves. While considering access, ask yourself:

What systems, files, and applications will they need, if any?
What programmes do we use for communicating? Sharing documentation?
Which personal data will you need to share? Upon which lawful basis (GDPR)?

Whilst independent professionals provide and use their own tools to do their work, they may need access to company systems for situations like delivering assignments or receiving project-related information. Ensure that you have checklists of any systems, applications, and programmes they may need to access like VPN or a company file sharing system. Use these to check how familiar the freelancer is with a programme and the connected compliance, also for applications used widely across industries.

In addition, it is important to explain the offboarding process and connected responsibilities already in the onboarding process.

Your cybercapacity
Cybercapacity can be viewed as the umbrella covering all the components you need to safeguard your business in cyberspace. The capacity-building components underneath this umbrella can be divided into two: cybersecurity and privacy (which we go into greater depth here).

For now, when it comes specifically to your onboarding practices, ensure that you have the necessary Data Processing Agreements (DPAs) in place, updated, and signed.

DPAs

A data processing agreement is a legally binding contract that states the rights and obligations of each party concerning the protection of personal data. DPAs are required for GDPR compliance, but they also give you the assurance that the data processor is qualified and capable, platforms and freelancers alike.

A data processor is another company you use to help you store, analyse, or communicate personal information. For example, if you are a health insurance company and you share information about clients via encrypted email, then that encrypted email service is a data processor. Or if you use a platform, e.g. Upwork, Fiverr to hire talent, this platform would also be a data processor.

But what should be included in a data processing agreement? In summary, here’s what you need. For details see GDPR Article 28, Section 3.

The processor agrees to process personal data only on written instructions of the controller.
Everyone who comes into contact with the data is sworn to confidentiality.
All appropriate technical and organisational measures are used to protect the security of the data.
The processor will not subcontract to another processor unless instructed to do so in writing by the controller.
The processor will help the controller uphold their obligations under the GDPR, particularly concerning data subjects’ rights.
The processor must allow the controller to conduct an audit and will provide whatever information necessary to demonstrate compliance.
The processor agrees to delete all personal data upon the termination of services or return the data to the controller.

These important points take us straight to the offboarding process.

Offboarding

A standardised offboarding process helps you leave a professional impression and creates a sense of completion once your collaboration with a freelancer is finished. The offboarding process is closely linked to onboarding and thereby also touches upon the three collaboration components outlined above: your business, your project and your cybercapacity.

Your business
A well-organised approach helps your business as a whole in several ways:

Positive and lasting impression
Positive working atmosphere and clarity of collaboration
No unnecessary litigation costs

In the hyperconnected world of today, the points above eventually impact any future collaboration you may have. Leaving a lasting impression to your freelancer means you are encouraging positive word to spread about your business. In order to achieve this, during the offboarding process, begin by focusing on the primary framework of interaction with the freelancer - your project.

Your project
As we outlined above, the onboarding process is closely related to offboarding. It is therefore useful to revisit the onboarding activities and the initially provided project documentation. Did you meet the goals you established at the beginning of the project? What were the lessons learned? And what was the value produced? Listen attentively to the freelancer’s point of view, to understand what impressions they are walking away with.

In order to leave a lasting impression and effectively wrap up the project from beginning to end, it is important to approach the freelancer as a valued part of your core team at all stages of the collaboration.

Your Cybercapacity
Lastly, to finalise your collaboration from a technical point of view, revisit the checklist of systems, applications and third-party providers that you worked with in the beginning, in order to ensure that:

Access to all the items on the checklist is effectively removed;
Any personal data or materials that the freelancer no longer needs are returned and/or deleted.

Furthermore, make sure that your offboarding process includes compliance steps in line with your country and industry. In case of COBRA non-compliance in the US, for example, the company and the employee/ independent contractor participating in the group health plan/ COBRA Administrator personally could be otherwise facing a cost up to $500,000.

We went into greater detail with the technical elements of the onboarding and offboarding process in our recent webinar and Q&A on June 18. If you want to learn more, listen to the recording by clicking the button below.

Listen to Webinar Recording

The world of work is changing alongside the modes and formats of collaboration. In order to stay on top of these changes and effectively tap into the vast and increasingly more mobile pool of talent, invest time into establishing well-structured onboard and offboarding practices that make sense for your business.

Subscribe to Cyberconnecting Newsletter

Beyond Digital Identity - Establishing a Privacy First Culture

5/15/2020

By Priya E. Abraham

The C19 lockdown has underscored the struggle many business leaders have with their cybercapacity. The pandemic impacted everyone’s life and businesses faced abrupt transition to cyberspace only, to which only a few were prepared properly. This is the perfect time for you as a business leader and your networked teams to align your digital identity management consisting of measures and behaviours.

Whilst the technical capabilities do reduce your business risk, they still require your leadership skills for the investment to turn into a competitive advantage.
Your teams’ displayed identity behaviours will finally help you turn around potential risks to become business benefits. This mindset must become the guiding principle across the value chain of your business. Let us deconstruct what we mean by your team’s identity behaviours. If your networked team has been working remotely or is starting only now, how does identity come through in digital collaboration? If your business is more or less mobile, what then, is your digital identity based on? Most importantly, how can you leverage your digital identity in the future of work?

Evolving from a Personality-based to an Identity-based Approach

Many organisations use personality assessments to recognise, hire and motivate their workforce. Developed in the latter half of the 20th century, this personality-based approach is believed to be closely linked to an individual’s expected professional performance. Personalities are based on psychological and cognitive factors and regarded as permanent.
But what if, as we believe, identity not only describes who we are, but is constantly in motion. As a construct, it is made up of both non-changeable aspects as well as elements that develop as time goes on. Developed at the beginning of the digital era, an identity-based approach stems from the idea that people shape an organisation, and an individual’s identity is developed through social interaction and interpersonal relationships among other members of the organisation.
Key differences in the concepts of personality tools and identity creation:

Building Your Privacy First Culture on an Identity-based Approach

Leading a business, you are ultimately responsible for proactively defining your identity and brand.
Unconstrained by management or the personality-based assessments of the human resources department idiosyncratic for larger organisations, you shape your privacy first culture based on digital identity. How then, can you shape and influence it to work in your favour?
Your behaviour-centric digital identity is dependent on a number of factors:

You: Your identity describes who you are. You have coexisting, multifaceted and overlapping identities. Identity is never static; it evolves over time.
Your interactions: Your interactions are key and your identity shapes the way you interact with others, face-to-face and virtually.
Your brand: You and your interactions inform your privacy first culture.

Your multi-faceted identity is also context-dependent. Individuals tend to emphasise different parts of their identity for example at home, surrounded by family, in comparison to work, where they are surrounded by their team. This therefore also extends to the way you exhibit yourself to your prospective clients, which will subsequently have an effect on your portfolio in the near future.
A significant advantage of this identity-based approach is its ability to recognise the individual’s entire self. As the highest level of Maslow’s hierarchy of needs, this type of self-actualisation would stimulate higher motivation in any remote worker and lead to greater productivity.

Integrating identity with privacy measures and capabilities

Three years ago, it was predicted that remote work will become the standard operating mode for at least 50% of the U.S. population by 2020. By now, it is clear that these numbers are likely to be much higher with the behavioural shifts that are taking place as a result of Covid-19. The world we are now entering, with even greater connectivity than first anticipated, requires the integration of your technical capabilities with your core identity. This combination establishes the foundation for a privacy-first culture.

Establishing a privacy-first culture is a reciprocal process among leaders and teams. Culture is not automatically built - it is enacted through people’s identity, specifically, when it comes to remote teams. So what can leaders do to create and sustain a privacy-first culture from afar? It starts with digital trust. It takes an intentional and continuous effort to role-model and foster cybersavvy behaviours to build and maintain digital trust among the team and with clients.

Subscribe to the Cyberconnecting Newsletter

<<Previous

Starting with Identity Awareness

Safeguarding Your Digital Assets

Developing Your Brand Communication

Strengthening Your Team in Cyberspace

Transforming into a Cybercapable Organisation

Human Factor in a Successful Journey to the Cloud

Consolidating Your Transformation Enablement Action Plan

Transform the elasticity of infrastructure

Smart cost reduction

Easing the weight of security concerns

Agility to enable remote and foster innovation

Digitalisation as a lifeline

The Truth About the Real Obstacle of Remote Work

Assessing Your Remote Business Maturity

Leveraging Remote Opportunities

Advice that works

Risks to acknowledge and dodge

Make it a team effort

The Dark Side of the Cloud

How can the Migration to the Cloud be Both Smooth for SME Leaders and Satisfy Customers?

Ensuring a Successful Journey with Change Enablement

Understanding the Impact of Cloudification on Processes

Cybersecurity + Privacy = Cybercapacity

Transforming into a Cybercapable Organisation

Human Behaviour as the Weakest Link

Staying Safe and Secure while Going Remote

Reclaim Your Cyberstrength and Boost Your Cyberpower

Onboarding

DPAs

Offboarding

Evolving from a Personality-based to an Identity-based Approach

Building Your Privacy First Culture on an Identity-based Approach

Integrating identity with privacy measures and capabilities

Archives

P.E. Abraham

Categories