#PMP #PPM #project #Agile #cybersecurity #cryptocurrency #ai #SAFe #zerotrust #virtual #mindmap #remote #scaledagile #machinelearning
  • Welcome
  • Contact
  • Resume
  • Expertise
  • Blog
  • Books / White Papers
  • Software / Service Reviews
  • Mentoring Contact Form
  • This Week in PM
  • PM Video Series
  • Awards/Recognition
  • Templates & Downloads
  • Clients
  • Professional Services
  • Past Survey Results

25% of All Tech Projects May be Hit by Cybercrime

2/22/2021

0 Comments

 
Picture
Anything and everything can be hacked. You, me, your top competition, your favorite customers. Everyone. And even if you employ one individual running your security, an entire certified staff of cybercrime experts or a 3rd party outside vendor securing your important data and IT processed, don't let any of them convince you that you are 100% safe. You aren't now and you never will be. The best you can probably hope for is about 90% but those percentages mean nothing when hackers find their way into that small 10% opening that you couldn't cover. Trust me – and you can read this anywhere – the hackers are always one step ahead of us all. Everyone is in reactive mode vs. hackers. You can be in what you believe is proactive mode, but you're still covering ground they've already covered. The best you can hope for is that they won't find you to be an easy target and they'll move on to the next company. Just like our house is well lit and always has at least 2 vehicles sitting in front of it or beside it so we would certainly never be a crime of opportunity...anyone just trying to break in to a house would move on to the next one.


I recently checked back in with most of my current and past clients. What I found surprised me a bit. Nearly one in four - almost 25% - had experienced some sort of hack, data breach or security violation in the past 12 months. Almost 25%. The nice thing is a few are asking for my help in making sure 2016 is safer than 2015...but I have to admit that it was not necessarily the way I wanted new consulting business. However, I will not turn down that kind of experience, research and revenue. At the same time, I wonder what is going to be hit next? What will black hats target next that we haven't even thought of? And what about white hats out there who work hard to expose security flaws and backend openings to prove to governments and software or equipment vendors that they have issues that they aren't aware of but need to patch quickly? Those individuals could be targeted next by cybercriminals...just as was the case on the season (and probably, unfortunately, series) finale of CSI Cyber this past week. This knowledge and software code is worth an inconceivable amount of money in the wrong hands. And it puts lives in danger at the same time.


Back to the issue with the 1 in 4 companies experiencing a security breach and what that could or should mean to you. Nothing or everything...it's your choice. At the very least, I highly recommend the following...


Make cybersecurity a top priority in your risk planning. I know we all think it can't happen to us. And it may not. But if it does, just one cybercrime could cost you countless customers, high costs of identify theft of employee information, or worse....though I'm not sure what that might be. Your risk depends more upon the types of clients you have, the types of projects you run, the industry you operate in, the type of data you handle and the size and complexity of the projects you manage. But any size business can be and is at risk. To omit it from your risk planning is crazy in 2016. I am usually working with small to medium sized businesses though I am periodically running projects as a consultant for very large Fortune 500 organizations and government entities like the Department of Defense and others. And yes, sometimes it does involve sensitive information. Risk planning needs to be part of every project and cybercrime and cybersecurity needs to be considered during every risk planning session.


Hire one staff, a department or a consultant. You can hire one staff, you can create a department, or you can just hire a consultant. But it is imperative, I believe, that you do something to prepare your organization for a cybercrime incident in 2016. It may not happen this year, but it is likely to happen soon and the sooner you bring in staff or designate an individual the sooner you can have that person or group ready and productive. You don't really need a large group of certified individuals. You can operate with just one interested tech lead moving into this role and learning as they go. The information and technology for them to research is everywhere...they can get up to speed fast. Just don't put it off any longer.


Attend Black Hat. Seriously. I've been to Black Hat USA in Las Vegas five years running and it is amazing – both in terms of fascination and in terms of understanding the breadth of the security risks we all face. They call it Black Hat, but it is really much more about White Hat work identifying and reporting on security flaws and what cybercriminals are capable of and what these incredibly skilled hackers have discovered over the past year. If cybersecurity is a concern to you – and it needs to be – then this conference is well worth your time and money. If it makes you plan for and mitigate or avoid one breach because you added it to your risk planning process then it will pay for itself 20 times over.


Summary / call for input


Everyone can be hacked. Do I need to repeat that? Everyone can be hacked. And it will likely get worse – not better. I will not be surprised if I conduct a similar client survey in a couple of years and see that number rise to nearly 50%.


What about our readers? Has your organization experienced a data breach or be the victim of a cybercrime...no matter how small? If so, what was your response? How has it changed your risk planning process. Please share your experiences and discuss.

0 Comments



Leave a Reply.

    Author:

    Picture

    Brad Egeland


    Named the "#1 Provider of Project Management Content in the World," Brad Egeland has over 25 years of professional IT experience as a developer, manager, project manager, consultant and author.  He has written more than 8,000 expert online articles, eBooks, white papers and video articles for clients worldwide.  If you want Brad to write for your site, contact him. Want your content on this blog and promoted? Contact him. Looking for advice/menoring? Contact him.

    Picture
    Picture
    Picture
    Picture
    Picture

    RSS Feed

    Archives

    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012
    February 2012
    January 2012
    December 2011
    November 2011
    October 2011
    September 2011
    August 2011
    July 2011
    June 2011
    May 2011
    March 2011
    January 2011
    December 2010
    November 2010
    October 2010
    September 2010
    August 2010
    June 2010
    May 2010
    April 2010
    March 2010
    November 2009

    RSS Feed

Powered by Create your own unique website with customizable templates.