Information Security Strategy Meets Tactical Execution.


Pay Now, Pay Later

It’s winter in Minnesota, which means snow and storms.  When a storm is coming, the crews put the plows on their trucks well ahead of time.  Every one of us is doing the same, pulling our shovels out of storage or buying a new one or starting the snowblower well before we ever need it.  We do it early to save the pain of having to do it when it is cold and snowing.  The last thing you want to do is try to track down a shovel or salt, or worse yet deal with a snowblower that won’t start once the storm is upon us.

We should take this same approach in our personal and business lives, and yet so many refuse to prepare themselves and their businesses until they are in the middle of the storm.  In their personal lives they wait until a medical condition arises to get their fitness in check.  They wait until their finances are in ruins to get their affairs in order.  And in business they wait until they have a ransomware attack before they start taking security seriously.

Why are so many small and midsized businesses waiting around?  Is it a lack of knowledge and understanding?  Is it not believing they have something worth protecting?  Is it the cost of implementing solid security principles?  No matter the reason, recognizing that the storm is upon us is key.

Ransomware is on the rise, with the latest prediction that global ransomware damage costs will reach $20 billion this year (article).  Seeing these attacks impact businesses of all sizes is tough, but especially so for those in the small and medium business (SMB) space.  The cost of falling victim to an incident like ransomware can be many times more than the cost of investing in the people, process and technology that can stop incidents (or at least lessen their impact) in the first place, something many organizations only fully realize after it’s too late.

The ransomware we are seeing today is far more sophisticated than what we have seen in the past and has become more difficult to detect.  Phishing emails look more authentic than ever.  Ransomware-as-a-service has gone mainstream.  Attackers with limited technical expertise can now buy a ransomware package and deploy it within minutes.

Tactics have changed as well.  Not only are these ransomware gangs encrypting files and demanding a ransom, they are also exfiltrating sensitive data and demanding a ransom under threat of making it public.  In some cases, they are attacking the technical environment of the victim by deleting boot records and partitions, increasing the time to recover dramatically.

What we have seen in 2021 is that everyone is a target.  SMBs need to start with the recognition that it’s not a question of whether your organization will be attacked, but rather when an attack will occur.  It is not too late to get your house in order, get your shovels out and prepare for the coming storm.

Every attack is different, just like every business is different; however, there are some high-level practices that all organizations should adopt, the equivalent of putting the plow on the truck.

  • Executive buy-in

    • To do it right, support must come from the top level of the organization.  Security must become a core part of the organizational culture.

  • Fully understand your risk profile

    • Seek to understand the attack vectors for your industry and what is valuable to your organization – then security initiatives can be created, supported, and promoted in the organization.

    • Identify and classify different cyberattack scenarios

  • Take threats seriously

    • Many organizations understand the full extent of the damage that can be done during an attack, as well as the aftermath.  However, many companies choose to ignore the possibility of such an attack happening to them.  This is not a viable business strategy in today’s threat climate.

  • Policy enforcement

    • Policies should be simple and documented.  They should have executive support and be part of the culture that everyone chooses to follow.

  • Training

    • Security awareness and policy enforcement are the foundation for creating a security culture in an organization.  Creating awareness of policies, whether security-related or otherwise, should be a top priority of all organizations.

  • Offline backup of critical data

    • Data is the lifeblood of an organization.  Data loss causes brand and financial damage, and many never fully recover from these events.  Many options for offsite backup exist today and shouldn’t be overlooked.

  • Invest intelligently in security

    • Focus on creating a plan based on the needs of your organization and implement policies and tools that support the plan.  This can be challenging given the information overload and thousands of vendors pitching a thousand “best practice” models and tools.

  • Keep systems updated

    • Simply apply patches to software and hardware systems on a timely schedule.

Pay Now

With the average data breach cost in 2021 at $4.24 million and involving 21+ days of downtime, the cost is high and has an immediate impact on your business.  This pay later strategy is stressful, requires many resources and long hours, along with fingers crossed that paying the ransom will return your data.  These events can be catastrophic to a business, potentially ending its ability to continue operating and causing it to close its doors forever.

Pay Later

Don’t wait until you are in the storm; take a pay now strategy.  Invest in your business over time, paying now to make your business resilient so that it and your employees can weather the storm when it comes.  Put the plow on the truck early, make sure the snowblower runs, pull the shovels out of storage, take the proactive approach, and deploy the suggestions above.  Need help?  A vCISO can help your organization prepare itself and limit its risk, damage and downtime when these events happen.  Sleep well knowing that you have done everything you can to limit the stress, damage and impact the storm can have.


OCTELLIENT - Our mission: simplify information security. With a Business First approach, we want to help you and your organization get to your core priorities and make the most of your infosec investments.  Our goal is to be your side-by-side partner, working together to navigate a tailored infosec strategy and bring expert advice to your toughest challenges.


info@octellient.com

www.octellient.com

Chris Cathers