How much of your budget goes to protect you from the companies that are supposed to be protecting you?
Over the past several years I have heard, learned, discussed and agonized over cybersecurity more than I would have ever imagined in my wildest dreams a decade ago. And I have invested a massive amount of money in cyber and all other types of security during this time to be safe (hopefully). When I moan and groan about the staggering cost, cultural change to our operating environment, and considerable training all employees must undergo to relearn basic computer tasks, the response I hear – usually from vendors or some other third-party – is “that’s the cost of being in business these days.”
Yes, being in business has underlying fixed costs that may change but never decline. These days some of those costs are to harden IT infrastructure and put in place systems, equipment and procedures to primarily safeguard data, and sometimes maybe even employees. Several years ago, attempting to explain as simply as possible to employees the need to prepare for cyber attacks, I drew a comparison to the pirate attacks of lore. At the time, piracy was commonplace on the coast of Somalia. Some hacker, I suggested, from a nation/state was ready to kidnap a Captain Phillips, take his ship and plunder its cargo. Indeed, I know of companies held ransom for Bitcoin losing control and access to all their IT infrastructure and basically being unable to operate systems or even shopfloor equipment.
To continue reading, please log in or register using the link in the upper right corner of the page.