I wish I could tell you that if you have a cybersecurity plan then you’re covered. But you are not. Why? Because the hackers and the blackhats and the pursuers on the Dark Net and the Dark Web are one or more steps ahead of all of us all the time. If they weren’t, then there would be no security breaches or identity thefts or deadly hacks.
With that said, here are three key reasons why your cybersecurity plan is outdated and needs to be revised….
If your cybersecurity plan wasn't created yesterday, then it's outdated
Everything can be hacked and the best blackhats are already two steps ahead of the best prevention plans anyone has. In reality, what we think is cybersecurity is really just reactive cyber defense against what happened to someone yesterday. We can anticipate what the next hack might be and build software and technology defenses against it, but that’s like trying to anticipate what might kill you tomorrow when in fact you could step in front of a bus accidentally and you probably didn’t plan for that one. You’ll never really be proactive, only reactive.
You need to hire a CSO or consultant and have them review and revise your cybersecurity plan
You planned security out with the personnel you had in charge at the time and that’s great, but hacker activity is increasing daily and targets are constantly changing. You likely need a Chief Security Officer (CSO) or at least a lead security director or analyst who will guide your organization down a finer tuned path to mitigation and avoidance of cyber criminal activity. Bottom line…you need to spend more time and get more technical expertise on board quickly to do any good in combating the potential for cybercrime affecting your organization…especially if you have sensitive data or are a larger organization with a potentially large database of customer information.
Look at your projects and clients from their side
You thought about security and cybercrime potential from your side and your potential liabilities. Now stop and look at it from your clients' side. What happens to them if some blackhat activity seriously breached their data or puts their multi-million-dollar project with you in jeopardy? What would be the reaction of your very important client base? What would be the sudden drop in revenue you might experience? What costs would they incur and what would your responsibility to them be? Think liability…
Summary / call for input
The bottom line is this…if you weren’t too worried about cybercrime affecting you and the need for cybersecurity in your organization before…well…things have changed. 2022 is going to be different than 2021 and it's getting worse every year not better. If you aren't concerned yet - I am telling you that you MUST be.. Cybercrime is only increasing in number of incidents and overall costs year over year. According to a CBS.com article accompanying information about their now defunct CSI Cyber show (which is one of my personal favorites):
“In 2014, 47% of American adults had their personal information stolen by hackers — primarily through data breaches at large companies. In 2013, 43% of companies had a data breach in which hackers got into their systems to steal information. Data breaches targeting consumer information are on the rise, increasing 62% from 2012 to 2013, with 594% more identities stolen. That added up to a staggering total of $18,000,000,000 in credit card fraud for the year.”
Those are harsh numbers…and they are only getting worse. The question is…what are you or your organization doing about it or what will you do with this info? Do you have a cybercrime or cybersecurity plan in place? Do you have a team and infrastructure? Is it part of your risk planning already or are you in a reactive planning mode only? Please share and discuss.
With that said, here are three key reasons why your cybersecurity plan is outdated and needs to be revised….
If your cybersecurity plan wasn't created yesterday, then it's outdated
Everything can be hacked and the best blackhats are already two steps ahead of the best prevention plans anyone has. In reality, what we think is cybersecurity is really just reactive cyber defense against what happened to someone yesterday. We can anticipate what the next hack might be and build software and technology defenses against it, but that’s like trying to anticipate what might kill you tomorrow when in fact you could step in front of a bus accidentally and you probably didn’t plan for that one. You’ll never really be proactive, only reactive.
You need to hire a CSO or consultant and have them review and revise your cybersecurity plan
You planned security out with the personnel you had in charge at the time and that’s great, but hacker activity is increasing daily and targets are constantly changing. You likely need a Chief Security Officer (CSO) or at least a lead security director or analyst who will guide your organization down a finer tuned path to mitigation and avoidance of cyber criminal activity. Bottom line…you need to spend more time and get more technical expertise on board quickly to do any good in combating the potential for cybercrime affecting your organization…especially if you have sensitive data or are a larger organization with a potentially large database of customer information.
Look at your projects and clients from their side
You thought about security and cybercrime potential from your side and your potential liabilities. Now stop and look at it from your clients' side. What happens to them if some blackhat activity seriously breached their data or puts their multi-million-dollar project with you in jeopardy? What would be the reaction of your very important client base? What would be the sudden drop in revenue you might experience? What costs would they incur and what would your responsibility to them be? Think liability…
Summary / call for input
The bottom line is this…if you weren’t too worried about cybercrime affecting you and the need for cybersecurity in your organization before…well…things have changed. 2022 is going to be different than 2021 and it's getting worse every year not better. If you aren't concerned yet - I am telling you that you MUST be.. Cybercrime is only increasing in number of incidents and overall costs year over year. According to a CBS.com article accompanying information about their now defunct CSI Cyber show (which is one of my personal favorites):
“In 2014, 47% of American adults had their personal information stolen by hackers — primarily through data breaches at large companies. In 2013, 43% of companies had a data breach in which hackers got into their systems to steal information. Data breaches targeting consumer information are on the rise, increasing 62% from 2012 to 2013, with 594% more identities stolen. That added up to a staggering total of $18,000,000,000 in credit card fraud for the year.”
Those are harsh numbers…and they are only getting worse. The question is…what are you or your organization doing about it or what will you do with this info? Do you have a cybercrime or cybersecurity plan in place? Do you have a team and infrastructure? Is it part of your risk planning already or are you in a reactive planning mode only? Please share and discuss.
RSS Feed
