My Library and Courses
Last Update: Monday June 21, 2021

Key Idea: Appoint Your Own Security Guru

Robin Matlock, vice president of product marketing for the McAfee Systems Security group, tells us that data security in any business is a full-time job.

Key Question:

A: A: Yes.  We all do

. Yet, too few of us even do backups to protect our intellectual assets in time of natural disaster. When 9/11 was unfolding, many people wanted to take up arms to defend the nation. But the enemy was virtually invisible.

Does your business have a Chief Financial Officer (CFO)? A Chief Operating Officer (COO)? The title may not belong to anyone in your organization, but most likely the function rests with one individual. Often, the owner assumes certain roles in the business, such as Chief Executive Officer (CEO) and Chief Marketing Officer(CMO) and assigns other roles. Any assigned role ultimately reports, formally or informally, to the CEO.

Q: Who assumes the role of Chief Information Officer (CIO) in a business?

The answer is not the server administrator or that talented employee everyone in the organization calls when their computers freeze up. And it's certainly not a vendor, not an IT consultant or a hosting service. Even if the data processing function is outsourced, a decision that makes a lot of sense in a lot of small businesses, some trusted member of management, and ultimately, the business owner, takes responsibility for oversight of this area.

The CIO is a management, not a technology function. A working knowledge of technology is certainly required and must be maintained, but the CIO doesn't need to know how to upgrade the operating system or back-up the files.

The primary function of the CIO is a risk management function, to manage the risk if the organization's information is lost or corrupted. This risk includes the risk of natural disasters, hacking, inadequate insurance, failure to follow appropriate business processes, and a myriad of others. Like all risk management functions, the cost of minimizing the risk must be weighed against the likelihood of the event occurrence and the cost the business will bear if the event occurs. You cannot eliminate the possibility that your information system is hacked into; you can't spend enough money to 100% guarantee that your system is secure. The challenge, and it's a big one, is to mitigate the risk cost-effectively.

Questions for this clip: 1 | 2

Think about it

Who is your CIO?

Clip from: Protect Your Priceless Data - Understand Security

Meet Art Wong of Symantec, data security guru

Silicon Valley, Seattle, San Diego:  One of the biggest problems in small business today is that we under-estimate the value of our data and we have trouble believing anything can happen to those computers - until it does. And, it will. Issues that face each of us range from viruses to automated internet attacks to outright theft and natural disasters. The cost of these issues in lost information and lost time sometimes is the business itself. Most of us know we need to take a few steps to secure our data but simply do not know where to start.  This episode of the show is our 1-2-3. Please, have somebody in your business become an expert. If you are a sole proprietor, you'll just have to do it!

Go to all of the key ideas and videos ...
Go to the homepage for this episode...


Robin Matlock, Executive Vice President and General Manager

Business Classification:

Year Founded:

Appoint Your Own Security Guru

ROBIN MATLOCK: This is an evolving issue. It's not that you can take one point in time, protect yourself once and then be done with it. This is something that needs maintenance, it needs nurturing. It's something that needs water like a plant. You water it once a week. You make sure it's healthy. You really must nurture your infrastructure to keep yourself protected and productive.

HATTIE: (voiceover) I met Robin Matlock, vice president of product marketing for the McAfee Systems Security group one of the largest white hat companies in the world.

ROBIN MATLOCK: With small businesses, by that I mean the real small businesses. We define that as being 100 employee or less, most times those business owners don't have a dedicated person on staff to help them with their IT issues.

So its the principal, or the president or the office manager who happens to be a little more technical than their peers and that person takes on the responsibility of the computers in the environment. So often they don't have any background in these areas and yet they are trying to maintain all the security of the small business. We find that is kind of an unrealistic expectation. They need solutions that are easy to use, easy to deploy. Because they're not IT experts, they need solutions that are not designed for IT experts.

HATTIE: As a small business owner, what should I be nervous about regarding my systems?

ROBIN: First of all there are about 60,000-70,000 known viruses* out there today. As soon as you connect to the Internet, if you don't have proper protection in place, you're a sitting duck.

*Editor's note: Known as "Zoo Viruses" (some number these viruses over 100,000, but by "classes" they're in Robin's range) -- these viruses are safely in captivity. There are also "In-the-wild" viruses (just over 900 of which over 200 are truly active) -- these are the waiting for naive prey. Statistics are kept by International Corporate Security Association (ICSA) and the European Institute for Anti Virus Research (EICAR). For more, visit the "definitions" page linked from the profile page.

Not a member yet? Learn!  Be empowered! Join us!