Why Companies Are Struggling With Cybersecurity: Big Players In Bad Situations

Major entities like Microsoft and governmental bodies continually stumble in the face of persistent cyber threats, despite having abundant resources at their disposal. It’s baffling to witness, and this article explores the pressing question: “Why does this keep happening?” As headlines continue to reveal vulnerabilities within even the most robust cybersecurity infrastructures, the need for a comprehensive security approach becomes abundantly clear. The irony of the situation cannot be ignored: even industry giants falter, and in doing so expose cracks in current cybersecurity strategies and emphasize the imperative of a holistic defense.

Unveiling the Paradox of Big Players in Bad Situations

Names like T-Mobile, Capital One, TikTok, MGM, and Prospect Medical stand out among the casualties of malicious cyber events. These situations, where tech titans with thousands of cybersecurity experts find themselves grappling with cyberattacks they couldn’t fully comprehend, stick out like a sore thumb. The same holds true for governmental bodies entrusted with safeguarding national interests. The gap between cybersecurity rhetoric and practical implementation repeatedly results in breaches that compromise data, disrupt operations, and erode trust.

Fragmentation of Cybersecurity Tools

It is particularly frustrating that the cybersecurity landscape is flooded with tools and solutions targeting specific threats, from phishing training to endpoint security and everything in between. The Achilles’ heel lies in the fragmentation of these point products. Instead of an integrated and comprehensive approach, we end up with a disjointed and compartmentalized strategy that hackers exploit. The SolarWinds event magnified this issue, emphasizing the need for a more cohesive strategy. Throwing money at the problem without a holistic approach to the solution is ineffective.

Breaking Down the Walls: A Comprehensive Vision

The exposure of sensitive personal and financial data from a misconfigured web application firewall affecting over 100 million customers underscores the far-reaching impacts of a single security lapse. As does a massive casino chain paying nearly $15 million in ransom to hackers, and another shutting down operations in the wake of a cyberattack, resorting to recording customer information with pen and paper. These incidents persist because of the failure to adopt a comprehensive security vision that covers an organization’s entire IT landscape. The necessary mindset shift involves moving from reactive security measures to proactive and holistic protection. Cybersecurity isn’t just about acquiring the latest tools; it’s about fostering a culture of awareness, vigilance, and constant monitoring, and integrating security measures into every layer of the IT architecture.

The prospect of uncapped penalties for breaches emphasizes that the status quo is no longer tenable. Organizations must reevaluate their cybersecurity strategies as interconnected fortifications, and seamlessly weave security into the fabric of IT operations to ensure that every system, application, and device contributes to resilience against threats.

Rethinking Internal Security Operations

In the quest for robust cybersecurity, it’s crucial to question the logic behind organizations continually building and investing in their own Security Operations Centers (SOCs). After all, businesses don’t typically invest in constructing their own power plants or water purification plants; they rely on specialized external entities to provide these critical services. In a similar vein, cybersecurity requires expertise and resources that extend beyond the capabilities of in-house teams. The futility of attempting to create a fortress within the organization becomes evident when we consider the ever-evolving threat landscape. Cybercriminals adapt quickly, and their tactics become increasingly sophisticated. Maintaining an internal SOC not only requires substantial financial investments, but demands constant training, monitoring, and adaptation to keep pace with the evolving threat landscape. Organizations can benefit from adopting a more pragmatic approach by leveraging the expertise of external cybersecurity firms, much like they rely on external utilities for power and clean water. This allows them to tap into a broader pool of specialized talent and resources, to enhance their overall cybersecurity posture and free up internal resources to focus on core business functions.

Comprehensive Is All or Nothing

The state of continual cyber incidents reminds us that even organizations with significant resources can fall victim to cybersecurity threats and vulnerabilities in their infrastructure. Comprehensive security is an absolute necessity in today’s cyber threat landscape. It encompasses monitoring, disaster recovery, detection, response, culture – and a commitment to covering every possible aspect of process, people, technology, and tools with cyber-aware security policies and protections.

In the face of an ever-evolving cyber threat landscape, a comprehensive security assessment is not just a consideration; it’s a necessity. This proactive approach empowers organizations to identify vulnerabilities, address weaknesses, and bolster defenses against potential cyberattacks. By embracing a holistic security assessment strategy, businesses can navigate the digital realm with confidence, ensuring the protection of sensitive data, maintaining customer trust, and safeguarding their operational continuity.

This article was originally published in Forbes. Please follow me on LinkedIn.

AI In The Boardroom: The Inevitable Evolution Of Decision-Making

New hammers have a way of finding nails to work on. As our quest to harness the potential of artificial intelligence continues, it’s only a matter of time before the technology’s reach extends into the boardroom and begins to play a pivotal role in decision-making processes. Given the trajectory of AI’s influence is seemingly preordained, the central question now revolves around the allocation of decision-making authority between AI systems and their human counterparts.

In the ever-evolving landscape of corporate governance, cutting-edge technology has become a defining element of boardroom dynamics. Amid these innovations AI is emerging as a transformative force, recalibrating the mechanisms of decision-making and redefining the essence of interactions. The impending impact of AI on the boardroom is undeniable, as it offers organizations strategic avenues to amplify efficiency, bolster efficacy, and ultimately foster sustainable growth.

This march of change has already commenced, with AI progressively augmenting the boardroom landscape and bestowing tangible value. To illustrate, consider my own board meetings, where a segment is dedicated to the array of AI projects within our organization. These initiatives fuel improved customer experiences, heightened precision, expedited responses, and cost reduction—attesting to the substantial contributions AI is extending to modern boardroom strategies. Through what other new and futuristic dimensions might AI enrich boardroom experiences?

Better Governance and Compliance

In an era marked by stringent regulations and increased scrutiny, boards are under immense pressure to maintain compliance and demonstrate transparency. AI can play a pivotal role in streamlining compliance processes by automating tasks such as risk assessment, legal document review, and data privacy compliance — especially in an environment where cloud plays a prominent role.

Beyond its mechanized efficiencies, AI-equipped algorithms stand as vigilant sentinels, proactively unearthing anomalies and irregularities nestled within an organization’s operations. This prescient capability empowers boards to rectify misconduct and uphold ethical standards, and begets a culture of unwavering accountability. AI, then, acts as a sentinel that safeguards stakeholder interests and fortifies public trust.

When this AI-driven approach is extended to security frameworks and normative analytical data, a twofold advantage emerges. Firstly, it helps fortify against insidious insider threats by erecting barriers that deter potential breaches. Secondly, it imbues decision-makers with a comprehensive vantage point, backed by insights derived from meticulously analyzed data. As we delve into this new frontier of AI-orchestrated governance and compliance the prospects are tantalizing, promising a paradigm shift as disruptive as it is fortifying.

Navigation Through Unconscious Bias

Within the realm of decision-making, the specter of unconscious biases can cast a subtle yet significant shadow with the potential to obstruct the path to goal attainment. AI emerges as a potent corrective force, offering the ability to mitigate biases through meticulous analysis of objective data, and ultimately provide impartial insights.

The utilization of AI thus introduces an invaluable dimension of fairness and equanimity. By harnessing the power of unbiased data, AI-infused boards embark on a transformative journey where each director’s input resonates harmoniously. The result? An enlightened decision-making ecosystem inclusive of diverse perspectives and informed by impartial AI-driven analysis.

Fostering Enhanced Collaboration

Envisioning a future enriched by AI, I anticipate its instrumental role in facilitation and amplification of collaborative endeavors within the boardroom. This prospective reality heralds a transformative era, wherein virtual boardroom assistants and astute chatbots become the harbingers of a seamless and highly efficient communication landscape. The infusion of AI imbues these tools with remarkable capabilities, unfurling avenues for directors to seamlessly exchange information, orchestrate meetings, and share insights across temporal and geographical divides.

Yet, the metamorphosis does not cease here. AI-empowered collaborative tools possess the remarkable ability to distill intricate data into intuitive visualizations and lucid reports, ingeniously presenting complex information in a manner that readily appeals to comprehension. This harmonious synthesis of AI and collaborative tools confers directors with an invaluable arsenal, enabling them to partake in cogent discussions and swiftly converge upon consensus. By seamlessly uniting these facets, the board is poised to ascend towards definitive and decisive actions that steer the course of progress.

Driving Decision-Making

While the industry has been using terms such as “data-driven” and “business intelligence” for years, boardrooms previously relied heavily on human judgment and experience to make critical decisions. That era is quickly fading.

With the business landscape growing increasingly complex and data-driven, boards are increasingly compelled to utilize advanced technologies such as AI to process vast volumes of data and extract valuable insights. This proactive approach positions organizations to seize opportunities and navigate challenges with agility, setting themselves apart as industry leaders.

AI-powered analytics platforms are equipped to analyze massive datasets from various sources, including market trends, customer behavior, and financial indicators, and provide boards with comprehensive and real-time intelligence. Soon, these AI technologies may also make decisions. This augmented decision-making process could empower boards to identify opportunities, assess risks, and strategize with unparalleled precision.

In other words, it won’t be long before AI extends beyond the enhancement of individual decision-making. AI technologies will present a unique opportunity for organizations to revolutionize their governance structures, enhance decision-making, and create a competitive edge. From strategies to outcome assessment, anticipating disruptions to future-proof scenarios, there is no limit to how many elements AI can help improve.

Staying Ahead of AI

Amid the allure of autonomous functionalities, a prudent reminder surfaces: AI remains a tool whose potential lies in its judicious application. The integration of AI demands meticulous and strategic orchestration throughout each step. Within this context, the stewardship of Executive Boards becomes paramount, and a trifecta of imperatives—cybersecurity, data privacy, and ethical considerations—assumes a pivotal role in ensuring AI’s ethical integration.

A harmonious synergy, where the wisdom amassed by human directors intertwines with AI’s analytical acumen, offers us a blueprint to shape an unprecedented future – a future in which AI does not really want our jobs. It’s within this coalescence that the boardroom transforms into an epicenter of innovation and a cradle for collaborative ingenuity. As we march forward into this new epoch, the marriage of human acumen and AI shall carve a pathway to unparalleled accomplishments and boardroom success.

This article was originally published in Forbes. Please follow me on LinkedIn.

Unveiling The Cyber Conundrum: Why Government Hacks Outpace Mega Corporations

In today’s interconnected digital landscape, cyberattacks have become an unfortunate reality impacting government institutions and mega corporations alike. However, a notable disparity emerges when we compare the frequency with which the US government reports breaches compared to major companies like Target, Google, Facebook, Apple, or Microsoft. Is there an inherent lack of diligence on the part of government entities, or is something else at play?

Public Obligation and Transparency

One significant factor contributing to the difference in reported breaches lies in the contrasting disclosure obligations of the government and corporations. When a government entity is hacked, it bears a public obligation to announce the breach promptly. This stems from the need to uphold transparency and to prevent any exploitation or coercion that concealing such incidents would invite. In contrast, corporations, although subject to regulatory requirements for disclosure, may not face the same level of public scrutiny or potential backlash. Consequently, some companies may choose not to report certain breaches in order to protect their reputation and brand image, leading to the perception that corporations suffer fewer breaches overall.

Beyond Reporting: Disparity in the Number of Attacks

Some of the disparity in the number of attacks is related to the reporting of governmental events versus those of major corporations. However, much of the discrepancy can be attributed to a difference in the actual number and frequency of attacks impacting the two groups. By many measures, governmental agencies are more vulnerable to attacks for a few key reasons.

Organizational Structure and Resources

The intricate organizational structure of the government can play a role in its vulnerability to cyberattacks. With numerous agencies and departments distributed across vast geographic locations, there are often more logical and physical gateways into government networks. Attackers may find more potential entry points, making the task of securing these networks immensely challenging.

Use of Legacy Technology

One crucial factor contributing to the government’s higher susceptibility to cyberattacks is the prevalence of legacy technology in some agencies and departments. Unlike large corporations that continually update and upgrade their systems and stay at the forefront of cybersecurity, some government entities still rely on outdated technology and software. These legacy systems often lack the latest security patches and updates, making them easier to breach and more susceptible to exploitation by cybercriminals. Additionally, the bureaucratic nature of government decision-making and budget allocation processes can lead to delays in implementing technological upgrades. This lag in adopting modern cybersecurity solutions and keeping them updated creates an opportunity for attackers to target and exploit vulnerabilities in outdated systems.

Point Solutions and Fragmented Security Approach

In contrast to the comprehensive cybersecurity strategies employed by mega corporations, the unfortunate reality is that some government agencies have fragmented security approaches. Different departments within the government at times implement their own security solutions, resulting in a lack of centralized coordination and consistency. This fragmented approach can lead to gaps in defense, where attackers can exploit weak points at the intersections between different systems. Moreover, the lack of a unified security framework can make it challenging for IT teams to detect and effectively respond to cyber threats.

The Pervasiveness of Cyber Threats

The Edward Snowden disclosures shed light on the impressive capabilities of cyber espionage agencies, particularly the NSA. Over time, other nations have likely developed similar capabilities, and with the advent of AI the scalability of cyberattacks has increased exponentially. This puts both governments and corporations at greater risk, with an ever-evolving and highly sophisticated threat landscape that poses a constant challenge for cybersecurity experts.

Addressing the Conundrum

To address the disparity between breaches experienced by the government versus corporations, several key measures can be taken by governments to strengthen their resilience against attacks.

Modernizing Legacy Systems: Government agencies should prioritize the modernization of legacy technology to ensure they are equipped with the latest security features and updates. This requires streamlined decision-making processes and adequate allocation of funds to support technological upgrades.

Emphasizing Cybersecurity Awareness and Training: Both government and corporate organizations should invest in comprehensive cybersecurity awareness and training programs. Human error remains a significant vulnerability, and educating personnel about cybersecurity threats and best practices can significantly reduce the risk of successful attacks.

Implementing Comprehensive Security Measures: Governments should adopt a centralized, comprehensive cybersecurity strategy that spans departments and agencies. Implementing a unified security framework will help address potential gaps and inconsistencies in defenses, enhancing overall resilience.

Promoting Collaboration and Information Sharing: Government entities and corporations can benefit from sharing threat intelligence and collaborating on cybersecurity initiatives. Establishing partnerships between the public and private sectors can lead to a more robust and proactive defense against cyber threats.

Bridging The Divide

The perceived disparity in the number of reported breaches between the US government and corporations stems from various factors, including the government’s public obligation to report incidents of all sizes. However, legacy technology and fragmented security approaches within some government agencies contribute significantly to their increased vulnerability to attacks in the first place.

To bridge this gap, government agencies should take a cue from the private sector and prioritize modernizing their technological infrastructure and adopting a centralized cybersecurity approach. By investing in cybersecurity awareness and training, and by collaborating across the public and private sectors, both governments and corporations can fortify their digital defenses and navigate the evolving threat landscape with greater effectiveness. Through collective efforts, we can secure our digital future and safeguard against malicious actors aiming to exploit our interconnected world.

This article was originally published in Forbes. Please follow me on LinkedIn.

Ignoring Cybersecurity Is Intellectually Dishonest

It should be common knowledge by now that, if you ignore cybersecurity, you are putting yourself and your company at risk. Yet, organizations are still inviting trouble by using legacy tactics and a multitude of legacy tools, coupled with insufficient planning of their cybersecurity programs.

A Sea of Cyber Blight

There is an endless sea of industry news and data that exhibits cyberthreats in all their shameful glory. The latest report by cybersecurity firm Sophos showed that 97% of organizations suffered a breach in the last year. Everything from ransomware attacks to phishing scams and data theft was included, and it’s entirely possible your company (or those you work with daily) is in that report – or the next, or the one after that.

The report on the costs of these breaches should shock even the most jaded of readers. On top of reputational damage, legal fees, business downtime, and the loss of data, the overall price tag for an average breach is just over $4 million. Ransomware attacks have an average cost of just under $2 million. Some are probably lower, and some are probably much higher, but the result is the same. It’s just plain nasty.

Stop Pretending

Pretending your company does not have valuable data as an excuse for ignoring cybersecurity is simply no longer acceptable. Virtually all businesses collect and store some form of sensitive information, whether it be customer data, financial information, or intellectual property. Furthermore, a lack of cybersecurity can also harm partners and suppliers. When just one company is breached, it can spread to others throughout the supply chain, leading to a ripple effect of financial loss and reputational damage.

A negligent business decision can start with just one intellectually dishonest act. In this way, ignoring cybersecurity is not only financially irresponsible, but also ethically wrong. Organizations and professionals who help make these organizations tick have the additional, inherent duty to protect personal customer information and employee data.

Everyone Means Everyone

Hackers do not discriminate based on company size or industry, and they will target any business with valuable data. Cybersecurity is not a luxury or afterthought anymore; it’s a basic necessity. Ignoring it or doing an incomplete job is akin to ignoring physical security measures, such as locks and alarms. Cybercriminals are constantly evolving, and so should your cybersecurity measures. Too often, the headlines expose the truth that somewhere in the chain of events, the ball was dropped – once, twice, or as many times as needed. Also too often, these incidents go undetected for days, weeks, even months before the ultimate event transpires.

Reports that approach near-100% occurrence of cyber threats are not the kind of news we want to hear in the industry. When I recently reviewed the T-Mobile attack, my intent was to help others raise shields and protect themselves against these existential-level events.

Principles Over Tools

Focusing on cybersecurity principles over products and tools is critical to successfully protecting your organization. Comprehensive and proactive security principles, such as active visibility, monitoring, detection, and resolution of anomalous conditions across applications, identities, behaviors, infrastructure, cloud, endpoints, and data, should be emphasized. In many cases, services such as managed security and active response and resolution services are the best products to meet these needs. Traditional Managed Detection and Response (MDR) services should be renamed Managed Detection and Alerting (MDA) to avoid confusion, since they are mostly alerting services. Cybersecurity awareness should focus on the real MDR, in which the “R” stands for “Resolution,” and which goes beyond traditional security swim lanes to extend deep into patching, monitoring, DevOps, and disaster recovery.

Statistics show that cyberattacks are a prevalent threat to businesses of all sizes, and the cost of ignoring them is too high. Pretending that a company does not have valuable data is dangerous, and leaves you vulnerable to attacks and future victimization. Ignoring cybersecurity response is not only financially irresponsible, but intellectually dishonest.

This article was originally published in Forbes. Please follow me on LinkedIn.

When Companies Get Stuck In A Cybersecurity Loop

Repeating the same actions over and over again and expecting a different result is, to some, the definition of “insanity.” The saying holds a certain logic, but by the same token repeated actions can also serve as an opportunity to practice or improve in some way. When it comes to responding to cyber incidents, it’s always interesting to see which way a company chooses to go. Will they follow the path of insanity, or will they learn, adapt, and improve their cybersecurity?

Last year we discussed lessons from the T-Mobile breach. Yet it seems history is repeating. Here we are again, contending with news of the eighth data breach T-Mobile has endured in the last 5 years. There are so many elements surrounding the cyber-plight of this company that we’re forced to visit the topic again, this time around with a bit more focus – and some very serious questions.

First, the reports on this incident from late January 2023 said the data of some 37 million customers was lost. Apparently, hackers exploited an application programming interface (API) on one of the company’s platforms. Further, the hackers first accessed the data in late November 2022 yet could not be stopped (and were probably not detected) until over two months later, sometime in late January.

T-Mobile: A Significant Target

It’s not much of a secret that T-Mobile is a data-rich target. Its existing and legacy customer base includes millions of accounts, with personal billing information, dates of birth, addresses, and other personally identifiable information (PII). On top of that, T-Mobile has exhibited vulnerability through the sheer number of successful attacks inflicted on it, making the company even more of a target.

Will the eighth time be the charm? We can only hope this incident will serve as a turning point for T-Mobile, a time at which they have asked every question and learned all they can learn, to ultimately build the kind of cybersecurity practice that prevents and reduces incidents, and works proactively to minimize the damage incidents cause. Doing so successfully takes a number of steps that anybody on the outside can predict, and begs the following questions:

  • Has the company’s board held its C-level executives accountable?
  • How much qualified help has the company requested?
  • How can the company’s digital operations be running this far in the dark?
  • Is the company really ready to make effective decisions about its issues?
  • Are the T-Mobile IT organization and IT security organization being truly transparent with their leadership?

And the overarching question: Is the internal T-Mobile IT organization equipped to deal with cyber-threats, or are they better off partnering with experts? We’re not looking to pick on a company when it is down, but for T-Mobile there’s been a lot of time down on the mat.

Making Cybersecurity Decisions (Breaking the Loop)

Cybersecurity is not a one-time project, but a continuous process that requires regular assessments and updates. Unfortunately, many companies view cybersecurity as an afterthought or an expense rather than a critical aspect of their operations. This often leads to a loop of inadequate resources being allocated to cybersecurity, resulting in insufficient protection against threats.

Additionally, many companies do not conduct regular security assessments, or fail to address vulnerabilities identified during the assessments that occur. Among the most common mistakes companies make are not prioritizing cybersecurity and not seeking partnerships to assist in this mission.

Seeking the right outside assistance is a sign of strength, not weakness. It takes leadership to make this decision, but if they are affected by indecision it will eventually bring them back around to the same place – hacked, embarrassed, and an even bigger target than last time. Collaborating with an outside partner to deliver a comprehensive security service is a proactive step towards ensuring the continued success of a business in today’s ever-evolving cybersecurity landscape.

Cyber Impact and Remedies

This time around, T-Mobile’s cybersecurity lessons must be thorough and systemic. They must include the ability to monitor, alert, and react across their entire digital estate. It’s clear they need an outside perspective and help; what they’ve been doing for the last five years is simply not working. Weeks of unfettered, unauthorized access by an outsider simply cannot happen again.

Cybersecurity is critical for every company, regardless of size or industry. Companies that make cybersecurity mistakes can put themselves at risk of a cyberattack, which can result in significant financial and reputational damage. It’s essential for companies to prioritize cybersecurity and invest in adequate protection to mitigate the risk of cyberattacks. By doing so, companies can protect their sensitive data and reputations, and ensure the continued success of their business.

This article was originally published in Forbes. Please follow me on LinkedIn.

Cybersecurity: Why The C-Suite Should Care

In this age of digital marvels, the cybersecurity challenge weighs heavily on businesses of all sizes. Across the spectrum, companies are regularly fighting through incidents such as breaches, data leaks, advanced persistent threats, and ransomware attacks. Great costs affect those unfortunate enough to find themselves attacked, and attacks can be devastating. Not only that, cybersecurity attacks are ruthlessly agnostic. Cybercriminals don’t care about an organization’s size; they target everyone from large and mid-size businesses down to the smallest of shops, using the same techniques they aim at major corporations. Cybercriminals don’t discriminate based on the type of product or service sold, either.

Mid-Level Hit, Massive Impact

In early February, the largest Canadian online book and music retailer, Indigo, was under attack for several days. The attacks affected customer orders in both retail locations and online. The company was unable to process electronic payments, gift card transactions, or returns during this time. Recently, Indigo representatives provided an update about the ransomware attack and revealed that sensitive past and existing employee data was accessed during the incident.

Attacks against a mid-tier retail operation like Indigo raise important questions. They make you wonder about Indigo’s – or any business’s – ability to survive. Big companies can metaphorically shrug attacks like this off. They have high-cost redundancy, cutting-edge recovery tools, and costly emergency assistance from cyber disaster specialists at their disposal. They also have the deep pockets to pay their way out. Companies such as Amazon, Apple, Sony, Target, or Disney, for example, have strong brands that allow them to recover from compromises in ways that smaller, less recognizable companies simply cannot. Data shows that 60% of small to mid-size companies that suffer a successful cyberattack will not be around in 6 months.

Existential Challenges

For mid-market companies there is no safety net. Cyber-insurance is costly and difficult to obtain, and when the rubber hits the road policies only pay a part of qualified expenses. In a cyber crisis, you still need emergency cash to cover expenses to get back to operational stasis. Thus, there is a massive resiliency distinction between big companies and every company in the mid-market or smaller range.

One of the main reasons cybersecurity incidents can be more dangerous for small and mid-size companies is that they often lack the resources to respond to incidents effectively. These companies may not have an IT team dedicated to cybersecurity, or may not have committed financial resources to hiring outside experts to help prevent and address incidents. This can result in a slower response time and increased risk of further damage to the company’s systems and data.

Too Much to Tackle Alone

When it comes to cyber threats, there are multitudes of challenges afoot for IT operations to take on.

  • Ransomware: Ransomware is on the rise. This plague is getting easier and easier for nefarious actors to use.
  • Protecting Valuable Assets: One of the most significant reasons why CEOs, boards, and investors should care about cybersecurity is that it helps protect valuable assets. Digital assets are just as valuable, if not more so, than physical assets. A successful cyberattack can result in the loss of valuable data, leading to financial losses, reputational damage, and legal liabilities.
  • Compliance and Regulatory Requirements: Governments and regulatory bodies have implemented strict cybersecurity regulations to protect consumers and businesses. Failure to comply with these regulations can result in significant fines and penalties, plus damage to a company’s reputation.
  • Reputational Damage: A successful cyberattack can also result in near-instantaneous reputational damage, which can have a significant impact on a company’s bottom line. A data breach or attack can erode customer trust, leading to lost business and revenue.
  • Investor Confidence: Mid-size companies often have investors, who possess a vested interest in a company’s cybersecurity posture. A cyber-driven drop in a company’s stock price can lead to a loss in shareholder value. Additionally, investors are increasingly looking at cybersecurity as a key factor when making investment decisions. When risk is high, investment money will go elsewhere.
  • Protecting Employees and Clients: Cyberattacks can result in the loss of sensitive data such as dates of birth, social security numbers, and financial information.

Finding Better IT Strategies

IT departments have a big job to do. Executives of mid-market companies must realize that cybersecurity protections should not be single-sourced to the in-house IT department. Those same IT departments may resist outside security sourcing because of the sense of loss that comes with it. Despite this, security outsourcing has proven to be leverage that helps companies operate with greater efficiency, reliability, and improved security. Changing cybersecurity operations to include outside organizations requires executive will and a directive from the top.

Cybersecurity is Survival

Cybersecurity should be a main critical concern for businesses of all sizes, but with its potentially devastating impact on mid-size companies, cybersecurity is a matter of survival. It can turn a promising asset into a massive liability for the C-suite, boards, PE firms, investors, and lenders.

CEOs, boards, and investors alike should care about cybersecurity. It is of immense importance, as it protects valuable assets, helps companies comply with regulatory requirements, prevents reputational damage, instills investor confidence, and protects sensitive data. As cyber threats continue to evolve and become more sophisticated, it’s crucial for businesses to make cybersecurity a regular board-level topic, and for the C-suite to drive investment in robust cybersecurity services.

This article was originally published in Forbes; please follow me on LinkedIn.

6 Reasons Why Entrepreneurs Should Take Security Seriously

Being an entrepreneur involves some serious hustle in order to make a dream a reality. While it can be tempting to handle everything on your own, cybersecurity requires teamwork. Read this piece from Ntirety CEO Emil Sayegh, originally published in Forbes, to learn more about why cybersecurity should always be a part of an entrepreneur’s strategy.

Of all the rules and advice available about running your own business, the best pertains to what mistakes to avoid. At the top of the list of mistakes to avoid as an entrepreneur: do not do everything yourself.

By default, when an individual chooses to do something, they are choosing not to do something else. Yet despite that simplicity, the inclination to do it all in entrepreneur mode is tempting. We want to know every brick of our business and we are willing to subscribe to the icon of hard work and high rewards. The reality is, there is too much on the line and you could be doing other things that you are much better at. It’s a powerful choice that separates leaders from the rest of the pack. In his book Good To Great, Jim Collins calls it Level V leadership, a level we all aspire to be at.

Choosing what your organization does and does not do is one of the most critical leadership tasks imaginable. This choice applies to our most precious digital assets as well. Information needs to get where it is going in a way that is safe.

You are not an expert at everything in technology even if you are a technologist at heart. If you try, you end up doing less than you could have done on a much more valuable task. Once you can afford it, hiring experts has tremendous advantages, especially when you regain time and opportunities in doing so.

When it comes to IT security, however, you just can’t face these challenges alone. Cybersecurity is not a finish-line initiative where you can roll out a tool of some sort and call it a day. The threats are ever-changing and escalating, meaning that protecting your business means keeping a continual watch on your assets; you must never let your guard down against ever-evolving vulnerabilities. The risks are just too great to “roll your own.”

These are the top reasons why, as an entrepreneur, your IT security should be taken seriously.

  1. Impossible Task: Across the globe, more than 30,000 websites are hacked daily. A new attack happens somewhere every 39 seconds. More than 300,000 new pieces of malware are created each day. DDoS attacks, malicious apps, phishing, zero-day attacks, and other security concerns threaten every business, even the small ones. Your adversaries are not individuals but nation states, criminal organizations, and hive-minded hackers. No entrepreneur can do this alone, and just because an incident has not happened to you, it does not make you immune.
  2. Reputation: Nobody is immune to the reputational damage that comes in the wake of a cyber incident. Consider the value and reputation loss for companies like SolarWinds, FireEye, and others, and the association with their founders, executives, and company boards.
  3. Financial Losses: An incident can wreck your finances for good. Between recovery efforts, penalties, and loss of income, a cyber incident can affect a small company’s bottom line significantly. A 2017 Ponemon Institute study put the average cost for small businesses at $500,000 per incident. This calculation only scratches the surface of legal costs, compliance penalties for HIPAA and GDPR, lost revenue due to downtime, etc.
  4. Losing the Board and Investors: The Board of Directors and investors have a stake in the sanctity of the business. There is nothing like a cybersecurity incident and the business-ownership crisis that follows it to put one at odds with these critical business advocates. The perceived savings of executing your own security are simply not worth it.
  5. Endanger Employees: Taking on security alone can endanger your employees, who are your most important asset, through the theft of employee data, including sensitive HR files, dates of birth, financial information, and more.
  6. Financial Theft: Cyber thieves, in many manifestations, are out there. Whether it’s a lone hacker, a team of criminals, or a nation-state organization, there are high values placed on the extraction of financial data, and the methods being used are crafty, escalating, and unpredictable.

At the risk of repetition, understand that entrepreneurs know their businesses, but they are not experts at everything. When security giants like FireEye fall to modern, sophisticated cyberattacks, as we’ve seen in recent news, you should get a sense of how critical it is to not take on the challenge of cybersecurity alone. Focus on the things you do best, and stop doing the things you shouldn’t be.

Check out this piece, originally published in Forbes, here, and follow me on LinkedIn.

Why Security Maturity is Necessary for Your Business

A security maturity model is a set of characteristics that represent an organization’s security progression and capabilities. According to CISOSHARE, Key Processing Areas (KPAs) in a security maturity model are practices that help improve a security infrastructure.

These KPAs include:  

  • Commitment to perform  
  • Ability to perform  
  • Activities performed  
  • Measurement and analysis of the results
  • Verifying the implementation of processes  

Levels of security maturity range from 1 (lowest) to 5 (highest). Various industries lie within these levels, depending on their security needs. The retail industry typically falls under Levels 2 or 3, manufacturing falls between Levels 3 and 5, while Fintech and Healthcare are between Levels 4 and 5 due to the high levels of compliance needed in these industries.

Ntirety details these levels of security maturity by detection, response, and recovery times:

  • Level 1 (Vulnerable)
      • Time to Detect: Weeks/months
      • Time to Respond: Weeks
      • Time to Recovery: Unknowable
      • Recovery Point: Unknowable
      • Compliance: None
  • Level 2 (Aware & Reactive)
      • Time to Detect: Days
      • Time to Respond: Hours
      • Time to Recovery: 1-2 days
      • Recovery Point: <2 days data loss
      • Compliance: Internal objectives
  • Level 3 (Effective)
      • Time to Detect: Hours
      • Time to Respond: Minutes
      • Time to Recovery: Hours
      • Recovery Point: <24 hours data loss
      • Compliance: Internal & 3rd party
  • Level 4 (Compliant)
      • Time to Detect: Minutes
      • Time to Respond: Minutes
      • Time to Recovery: Hours
      • Recovery Point: <6 hours data loss
      • Compliance: Internal & 3rd party
  • Level 5 (Optimizing)
      • Time to Detect: Immediate
      • Time to Respond: Immediate
      • Time to Recovery: Immediate
      • Recovery Point: <15 min data loss
      • Compliance: Internal & 3rd party

How Ntirety Helps With Security Maturity

With over 20 years of industry experience, Ntirety understands how to support a business’s cybersecurity maturity needs and follow the necessary processes to ensure a smooth transition into IT transformation.  

For a company to appraise its security maturity with Ntirety, the first step is a conversational assessment with our team to determine the security gaps in your business’s cyber infrastructure. By answering some questions, our team can see where your business lies in the security maturity framework and compare it to your goals. Whether the driver is a particular industry vertical that your company falls under, the adoption of best practices within your IT infrastructure operations, or a board mandate, we can help formulate a plan based on your business’s needs.

Following an assessment, the Ntirety team can detail how to improve Protection, Recovery, and Assurance. Ntirety’s Guidance Level Agreements (GLAs) can help improve these areas by optimizing availability, security, performance, and costs. Ntirety is committed to securing the “entirety” of your environment through solutions that identify, inventory, and protect the entire target environment. Ntirety’s Compliant Security Framework covers the security process from establishing your security design & objectives through protection, recovery, and assurance of compliance to your security requirements.  

One mistake we often see with companies is the belief that doing it themselves is the safer option. While resourcing a cybersecurity solution internally may seem more manageable, it can be far more costly and take away from other essential business functions. Here are the top 7 reasons to outsource security:

  1. Finding and maintaining a talented SIEM/SOC team is expensive
  2. The benefit of trends and detections observed across other customers
  3. Access to more threat intelligence and state-of-the-art technology
  4. Long-term return on investment
  5. Outsourcing lowers the risk of conflict of interest between departments
  6. Enhanced efficiency to concentrate on your primary business
  7. Scalability and flexibility

For more details on securing your cyber infrastructure, watch our most recent webinar and schedule an assessment with us today.