What will it take you to stop sleepwalking through your cybersecurity? How much evidence do you need about the essential nature of cybersecurity protections?
The End is Nigh.
You’ve probably seen enough movies or television shows to recognize that phrase; it’s most commonly taken as a sign that the messenger is insane in some way. Of course, the world isn’t coming apart. Look around us. It’s all still here.
Yet even as we acknowledge that, we know on some level it isn’t true. Whatever your thoughts on environmental destruction, COVID-19, social justice, and other pressing issues of the moment, you can’t deny that people don’t have at least some cause for feeling despair. This also applies to cybersecurity. A cursory glance around would lead any rational person to realize the severity of the problem, but plenty of people walk around pretending the sky isn’t falling.
Solutions Review has been writing on data breaches and best practices in cybersecurity for years. We’ve been insistent on the problems persisting in enterprise IT environments. However, it seems that so many IT decision-makers continue to sleepwalk through their cybersecurity.
This has to stop.
Stop Sleepwalking Through Your Cybersecurity
Hackers Aren’t Going Away
Let’s disabuse you of some notions:
- You are an ideal target. It doesn’t matter whether you’re a small business with a niche market or a mega-corporation that you think no one would ever touch.
- Some industries, such as healthcare are targeted more than others, but this fact obscures that every industry has its own threat actors.
- Installing a few consumer antivirus programs on your endpoints isn’t enough. Most consumer antivirus products don’t have the fortitude to resist a dedicated hacker’s cyber-attack.
- Further, legacy solutions can’t possibly manage the new workflows or security threats facing your business. Just because it worked in the past doesn’t mean it will work now.
- A homebrew solution only works to a point. They rarely have the scope and scale to handle the myriad problems posed by hackers or the expanding attack surface.
- Hackers have resources via the Dark Web you couldn’t imagine. Some hackers have become corporatized for better results or received sponsorships from national governments. They aren’t in dark hoodies sitting in a basement alone (usually).
- Hackers never stop innovating. They don’t let new technologies beat them; they modify and adapt their attacks to resist security capabilities.
Hackers, in other words, are a persistent and dangerous problem that can and will target your business in particular. In fact, the absence of next-generation cybersecurity basically leaves the welcome mat out for any number of threat actors to make themselves at home; hackers may still target more fortified businesses, but they are more likely to target low-hanging fruit. Time is money, even to criminals.
The Damage is Real (And We Have Examples)
Do you remember the Colonial Pipeline Ransomware Attack? You probably should, it only happened a few months ago and crippled fuel supply chains for weeks along the East Coast. Even with recovering most of the ransomware payment, they still lost millions.
How about the JBS Foods cyber-attack which jeopardized the food supplies to millions of people and cost the company millions?
We could on since it appears that once a week a recognizable or major corporation suffers a breach and the inevitable fallout. Yet this adds to the feeling of fury that so many IT decision-makers continue sleepwalking through their cybersecurity; simple mistakes like cloud misconfigurations or weak passwords or phishing attacks happen every day. The breaches keep happening and the damages accumulate.
It’s not like the best practices or the warnings don’t exist. They do. We publish these kinds of best practices every week. It’s just that the people who should be doing something about it aren’t. They are, as we put it, sleepwalking through their cybersecurity.
If you feel like that might be you, then we have news for you.
It’s time to wake up.
Stop Sleepwalking, 101
We could keep using data breaches as case studies and warnings to enterprises. We could continue to remind companies about the benefits of cybersecurity solutions. Moreover, we could go into detail about the key capabilities for each kind of solution. None of that matters if you aren’t listening or taking the concrete steps to make changes.
Nodding along and looking thoughtful accomplishes nothing. You need to do something.
Speak to your IT security team or security operations center. If you don’t have one, create one now. Tell HR to find the talent. Install a CISO into your C-Suite. If already have one, make sure they have a voice at meetings and that their suggestions are heard and implemented.
If you don’t have a solution, whether endpoint security, SIEM, or identity management, get one now. There are a lot of options, so you can absolutely find one that fits your use case. This isn’t a tomorrow problem. This is an immediate problem that if left unchecked could spell doom for your entire business.
If you’ve been sleeping up until now, you need to snap out of it.
The End is Nigh.
- More Expert Commentary and Coverage of the GetHealth Exposure - September 14, 2021
- GetHealth Platform Misconfiguration Exposes 61 Million Fitness-Tracking Records - September 13, 2021
- Panther Labs Releases State of SIEM 2021 Report - September 13, 2021