Technology is undeniably a powerful tool.

We're about five months into the pandemic, and in that time our Delap team, like so many others, has been almost exclusively working from home. Technology has transformed our capacity to continue to work and add value to our clients' lives by working remotely.

But there's another side to technology: It's also a powerful tool for cyber criminals. There are people out there who want to steal the sensitive information of you and your business.

Sometimes being successful is about avoiding disaster. Reducing your exposure to cyber risks and increasing your cybersecurity can protect your business.

On this week's episode of Success That Lasts, podcast host Jared Siegel sits down with David Buchanan, Delap partner and Chief Information Security Officer. David has spent his entire career helping companies protect and manage their cybersecurity exposure. He is also a participant in the X9 F6 Working Group, an organization dedicated to the development of security standards for the retail payments industry.

Tune in here, at, or wherever you listen to podcasts to hear David discuss the importance of cybersecurity and cybersecurity awareness training programs:

Here are a few highlights from their conversation:

  • According to David, the cybersecurity industry’s market value was $156 billion in 2019. The estimated value for 2020 pointed towards $165 billion, which is expected to increase up to $248 billion by 2023.
  • Today’s global connectivity grants us many conveniences and privileges. However, we are now more reliant on technology and therefore more open to a wider variety of security breaches.
  • Jared asks David about his approach to cybersecurity. David shares questions he likes to ask clients to get a gist of what needs to be done. You should be aware of what’s in your environment as it pertains to information storage and how it sprawls, he says.
  • David understands that non-cybersecurity organizations only have a finite amount of resources they can allocate toward cybersecurity. While you need to be aware of your security, you don’t need to be an expert, he remarks.
  • Social engineering is defined by David as someone using a sense of urgency or supposed authority to convince you into performing an action or divulging information you normally wouldn’t. They usually deceive you by pretending to be someone who has your trust or who has authority over you to request information.
  • Implementing security awareness training is one of the highest impact, lowest cost things you can do to improve your risk management posture.
  • David talks about the origins of Delap’s cyber practice. What makes it unique is that it was developed at Delap, by Delap employees.