A good question can you survive the next major cyber-attack? The next major cyber-attack will be different count on it. It even may have the same name as the last one. It could be the ransomeware cryptolocker, and the next one that strikes is cryptolocker version 31, or another variation of cryptolocker called cryptowall. It may look very similar but it will be different. Maybe they’re just different enough to get past your defenses.
Survival in the cyber world is the same as survival in the physical world. The only difference is that the consequences can be magnified, and the time frames radically compressed. So if you had time in the real world to adapt to a changing market condition for your product you may have months or even several years. For instance car companies needed years to develop smaller more fuel efficient vehicles to adapt to the new realities of the energy market. And it took quite a while. But in the cyber world, you do not have this luxury. The same ransomware above cryptolocker first reared its ugly head in October 2015, and today at last count which is probably inaccurate making my point, there are over 200 versions of it out there.
How Do You Know
So can you survive, how will you know? The simple answer is you will never know for sure. Nothing is 100% in this industry. But if you are adaptable you stand a much greater chance. And there is an excellent way to know if you’re in danger and your chances are poor. And that is to ask yourself this simple question? When is the last time I made a change to my cybersecurity posture? And this should lead to some more specific questions. When was the last time I did a major upgrade of my infrastructure? When was the last time I made a minor change to a security procedure or policy? When was the last time anyone in my organization was trained on the latest cybersecurity threats or attacks? These simple questions may not tell you if you can survive but they certainly will tell you if you are going in the wrong direction.
But I Can’t Keep Up
You may say that keeping up is impossible with such an onslaught. That there is no way I will know every attack vector, every little nuance of the cyber criminal. And you would be right. But you would be once again looking at this in absolutes and in the cybersecurity world. No one is every 100% safe. The rule is like I have talked about before 80% and move forward. We will polish it up along the way. We will make it better as we go along. We will improve and learn and adapt. That is the key not to be impervious, not to be so strong that no one can penetrate. But to adapt to make yourself malleable enough to survive, and in turn, your company and your customers will benefit.
So start today! Not tomorrow, not next week, not in the following quarter to follow the budget cycle but now. Send out an email to all of your direct reports today asking for specific ideas on how to make their respective area more cyber secure. Attend a training in your next trade show that focuses on cybersecurity. Read that book about cybersecurity that is on your shelf. Pick up the phone and call you cybersecurity trusted advisor and set a meeting to discuss ideas and next steps. If you don’t have a trusted advisor get one immediately. They will be your anchor to this confusing array of options promises, technologies and threats. You are a survivor but to survive in this world you need to adapt.