Preventing means continuing
Preventing Means Continuing
What importance does cybersecurity have in a company? A couple of years ago it started being taken into account, but today it is a key issue for the sustainability of any company.
Like in a road safety context, in Cybersecurity there are lots of people who think that nothing will happen to them. In both cases the facts prove that's just wishful thinking, and prove those kinds of thoughts wrong. Statistically, it is way more likely it happens to us rather than getting our way around. You can't think either that an issue such as the attacks against IT technology environments will be solely an issue mainly related to big companies.
In the face of a traffic accident, we usually hire insurance companies that protect us if we have to deal with reparations, personal damages and even the replacement of our car to be able to drive around again. As for Cybersecurity, we won't be able to get a new car to be able to go on. Usually, the most extended attacks block possible business continuity, take our systems as ransomware, take hold of our data and request high amounts of money as ransom if we want to recover their availability. This may happen once but… who guarantees that this won't get repeated time and time again?
Someone may picture a Company, Organization, or Institution that may still be able to operate a minimum in a blocking situation like the one that could happen in face of an attack? The damage, best case scenario, is huge (in terms of reputation, operation, patrimonital, etc.) but the highest risk you run is no other than business continuity, not being able to keep it going anymore.
A couple of years ago, everything related to IT was information reserved to "a few chosen ones", but it's been a while since then, and now it is our resposibility to have some kind of basic knowledge
It is very difficult to imagine a business environment without the use of technology in almost all of its operations. Besides, there's been a change from which I think there's no turning back which has lead Companies, Organizations and even individuals to take their technological ressources to the Cloud, and their human ressources from the office to their homes.
Some may think, and I must say they are sorely mistaken, that in big Cloud environments (public or private Clouds…) or in communications systems from very important and renowned providers, we are safe from attacks and they are the ones in charge of protection. But that is way far from the truth. I suggest you to read the terms of your Service Agreements and you will see that they guarantee the availability of their infrastructure, but the Security layer is up to you, it is for the client to handle.
Cibersecurity is a discussion and follow-up topic for Senior Management in Companies/Organizations. It is not a simple technology issue, but a critical matter in the development of business activity, it is a matter of survival.
As you have seen, behind the many attacks that take place today, there are highly specialized Cybercriminal groups, capable of overcoming technical barriers and ressources from the biggest technology manufacturers and that are supported or even lead by countries as part of taking action obeying not just to economic interests but more like geopolitical interests.
No sector is free from these kinds of situations, whether within the scope of the Public Sector or the Private one; whether they might be small or big companies; in fact, in a conversation with the Director of a Law Firm, he told me that this had happened twice to him and he recognized he had to pay the corresponding ransoms to keep on working with their service operation.
Another important issue that increases the catastrophic risk of survival is considering this as something fot IT people departments to handle. It's true that a few years ago, everything related to IT was information exclusive for a few "chosen ones", but it's been a while since then, and now it is the responisbility of all of us to have enough basic knowledge to at least know how to take action in emergency situations.
It is strategic to have a department that requires a steady investment in highly specialized ressources (both Technical and Human).
Cybersecurity is a discussion and follow-up topic for Senior Management in Companies/Organizations. It is not a simple technology issue, it is a critical matter in the development of business activity, it is a matter of survival.
As critical area, it must be an element present and an evaluation elment in all operating areas, actions, activities, proposals and Company/Organization projects. It is strategic having a department that requires a steady investment in highly specialized ressources (both Technical and Human). It takes place in companies that forego this department due to its high cost, but we must be aware that it is a highly profitable investment. We just have to imagine what would mean being in a scenario where for days, or permanently, the activity of our company were completely blocked.
Regarding Cybersecurity, I finish off as I started: Preventing means continuing.
These might interest you...
