If you’re tuned into the news, you’ll have heard about the recent Garmin and other high-profile ransomware attacks, along with a long list of other attacks that are on the rise. And you’d think that huge corporations like these would be well-prepared for cyber-attacks, being that millions of dollars and sensitive business data are at stake. But all too many businesses assume it will never happen to them.
“It won’t happen to us”
How can you know your company is safe from attacks if you don’t understand your security systems? Or perhaps you don’t see the need to increase spend on cyber-security because you’re confident that your IT team will sort out any issues that arise. But with 2021 predictions of a ransomware attack every 11 seconds, how can you sit comfortably knowing at some point you might need to hand over millions to some criminals?
Criminals aren’t the kind of people you want to be negotiating with. You’re never going to get a good deal. Once they have your data, they can encrypt it and throw away the decryption key, while you pay up in the desperate hope of recovery as they laugh at you from behind their screens. They could hash the data, meaning it couldn’t be recovered in any case – so long and farewell to your intellectual property and sensitive information – but send your money just for fun while they pretend there’s still a chance.
Lock the door at least
Imagine your house gets burgled and you continue your daily life leaving the door unlocked. You might as well put up a “Criminals Welcome Here” sign on your front door. It’s the same with your business security system. Huge companies get hit by cyber-attacks then go on about their business without a thought as for how to prevent it happening ever again. That’s where perimeter security comes in: at least lock the door, hopefully before the horse has already bolted.
Compare it to extortion
For security firms, it’s mind-blowing that companies will refuse to spend a larger percentage of their IT budget to secure their perimeters, when the alternative could be weeks of inactivity and millions in ransom money. Just picture a scenario where you go to your CFO and say there’s someone who’s just come into the office, stolen various items, and has asked for $10 million in cash to get them back, and the CFO goes “alright, I guess the only option is to pay up”. It just wouldn’t happen. Yet when it comes to ransomware, businesses and government agencies are paying up left right and centre for a quick fix to their problem that could’ve been prevented with a security solution for 0.1% of the cost.
This isn’t the time to wait and see
So, the question is, where are you at now with your defences and where do you want to be? Would you rather pay millions for a chance to recover your data, or be confident that your IT budget is going towards protecting the business from attack? There’s no time for a wait-and-see approach in scenarios like these – you’ve got to protect your company data before you find yourself held at ransom for it. And when developing those defences is made easy with effective spending in manageable chunks, there’s no time like the present.
Is security on your board agenda?
Yes, security is complex. But do you have a traffic light showing your readiness? Do you have measurable KPIs on the different elements to prove you are ready? If the security officer’s view isn’t incorporated into that traffic light with relevant data points to back it up, that’s not really good governance. Defending a castle isn’t looking at how big the walls are, it’s looking for the weak points. Do you know yours?
For more information about how you can begin your journey to fortify your business system’s defences, contact Intragen now.