What is Cybersecurity?

Sam.F

Involved In Discussions
Cari is giving you good advice - someone in your IT group should have enough knowledge about the security measures for the types of software you are discussing. Of course you may be from a small company that hasn’t hired an IT person who is knowledgeable about cyber security in which case Funboi’s resources are a good start.

Does your organization not have a cyber security expert? Are you being asked to do this in addition to your QA duties? Or are you just not aware or comfortable with what your IT group is doing? This matters as to what advice we can - or should - give you…

Cyber Security is a complex and continually evolving specialty within IT technologies. It is as specialized as tax law, electrical engineering or quality engineering... for example. It is very difficult to become expert enough in these subjects or cybersecurity from asking a few questions on a forum such as this or from reading a few web sites - no matter how reputable they are... or as a colleague of mine used to ask: would you perform heart surgery on yourself after watching a couple of YouTube videos about how to do it?

My last organization used a lot of cloud-based software and had a lot of internet-based communication with very sensitive data. We had a swarm of cyber security experts who were continually working to keep us secure…


I get surveys from customers sometimes about cybersecurity, and since the IT guys don't work with us full time, it is on my own to answer those questions. It is not just simple stuff.
 

Ed Panek

QA RA Small Med Dev Company
Leader
Super Moderator
More often during supplier audits against our company (we are audited) the auditor has a high level expert asking questions. If this is not your area of expertise it can cause problems.
 

Sam.F

Involved In Discussions
Well, when I said it is on my own to answer those cybersecurity questions, I lied. Sometimes I go to the owner of the company for advice, but I don't think he knows much either :(. The only answer to my question is that the company needs to hire a full-time IT cybersecurity employee to manage all this (Funboi's idea). And one of my other questions is: do we have to be 100% compliant, and by when? (I heard that by year 2025 the score submitted to the government website should be a good percentage; is this true?)
 

Funboi

On Holiday
Well, when I said it is on my own to answer those cybersecurity questions, I lied. Sometimes I go to the owner of the company for advice, but I don't think he knows much either :(. The only answer to my question is that the company needs to hire a full-time IT cybersecurity employee to manage all this (Funboi's idea). And one of my other questions is: do we have to be 100% compliant, and by when? (I heard that by year 2025 the score submitted to the government website should be a good percentage; is this true?)
Check with your local NIST MEP - they can help you
 

sagai

Quite Involved in Discussions
Cybersecurity is the word that you should say every 3 minutes in your presentation to keep the audience interested :popcorn:
 

Jen Kirley

Quality and Auditing Expert
Leader
Admin
Sam.F, I am not feeling confident in your responses to our questions.

First thing, please review your contracts in order to understand what your organization has already promised as far as this subject goes.

Past that, IT security (for our purposes here let's define that as the activities to ensure continued availability of our uncorrupted data) can seem obscure if we don't know what we are talking about. Your job as QA Manager is not to know all of the technical details of a secured IT system, but a QA Manager would have a sense of the risks of loss of data security, and what is in place to address those risks.

Can you give us more information on these subjects?
 

ChrisM

Quite Involved in Discussions
Sam.F, I am not feeling confident in your responses to our questions.
Same here.
Who in your organization is responsible for IT, and the security of your IT system? If they do not understand the risks of your organization being hacked, you need to call upon expert advice. This does not mean that you have to have a full-time employee who is an expert in this area; you can use an external provider on a contract basis. One thing is certain though: you need to take cybersecurity very seriously ("you" meaning not just you personally, but all those working in your organization). Do an internet search for "Maersk" and "computer hacking" or "ransom" if you would like to see just how devastating a cyber attack can be.
 

Funboi

On Holiday
Hacks - one type of threat - don’t have to be “devastating”. For example, a company had their entire calibration system deleted off a networked PC running Windows 97 - no big deal some might say, but the cost and disruption to an organization with 3,000 customer-owned gauges (alone) and having to rebuild that data can be a big deal. BTW - the UK's National Health System was brought to its knees due to a similar vulnerability and they have many IT “experts”…
 

ChrisM

Quite Involved in Discussions
^
Possibly Funboi meant "Office 97" as the application rather than the OS. Whatever, I recently came across a PC at a company that was still running Windows XP; it may not have been networked, however. There are still many organizations running PCs with obsolete/unsupported operating systems because, for example, they run special programs for testing items, and these test programs will not be, and have not been, updated to run on newer operating systems. Sometimes this is because the programmers have "moved on" and nobody else knows how the program is structured to work. In such cases it is obviously ideal that the PC is not networked. I still have a netbook at home running XP that I use for a particular program because the software will not run on any later OS. Of course I have turned off the networking capabilities; otherwise it's still a perfectly good working computer, it's just that Microsoft (and other commercial companies who write web browsing software) has decided I should no longer be able to use it to browse the net and/or send emails.
 