Each year National Cyber Security Awareness month is held in October. As such, many events are held around the country bringing together experts from government, industry and security to share information and enhance the dialogue around cyber risks.
The resounding theme?
Cyber is a risk to be managed not a risk that can be prevented.
Cyber crime is a threat to all industries, governments and businesses. There is no perfect solution and we will be in constant battle against those that seek to extort monies, disrupt our infrastructure, cause damage to our businesses and harm individuals. Equifax had a cyber security budget of $250 million over 3 years to enhance cyber security and a team of 225 professionals across the globe and still suffered a breach affecting 145.5 million people. Small business and non-profits are at greater risk as they have neither the funds nor personnel to effectively manage the ever evolving threat landscape.
Cyber extortion became a $1 billion industry for criminals in 2016. According to Rod Rosenstein, Deputy Attorney General for the Dept of Justice, there are 100,000 extortion demands made every day around the globe.
Business leaders must learn to approach cyber risk as they do other aspects of their business such as safety and compliance. Cyber is a serious and inevitable risk your business will confront. Have you determined what level of risk is acceptable? There will be financial consequences. It is a grave mistake to think that it will not happen to you.
From Stuxnet in 2010 to WannaCry and Petya/NotPetya in 2017 malicious code can be targeted at a specific Industrial Control System to malicious code being spread to hundreds of thousands of computers around the globe within hours, unsuspecting companies have felt the impact. Companies have incurred losses involving having to replace computer hardware to loss of income in excess of $200 million.
R&R urges all companies to be #cyberaware and focus on cyber risk management especially during the month of Cyber Security Awareness.