Thank You for Patching
By Andrea MacLean
This article first appeared here on LinkedIn Pulse
In 2020, cybersecurity went from an afterthought to being front and center on the global stage. Organizations all the way up to the board level now finally seem to agree that cybersecurity must be baked in and their businesses secure by design – it only took a pandemic to get here. But cyber criminals have not been resting on their laurels. They have become smarter, more innovative and more strategic leveraging AI and M2M to automate and scale their attacks.
According to Allen Bernard at TechRepublic, driven by an increase in cybersecurity events during the COVID-19 pandemic, remote work, and companies moving operations online, 2020 was a record year for cybersecurity investments with over $7.8 billion spent globally. Cybersecurity Ventures projects cybercrime will cost the global economy $10.5 Trillion annually by 2025.
The Media Landscape
The rise in incidents is the theme in today’s media coverage. The global journalist contingent has been focusing their cybersecurity coverage on the healthcare industry as well as business continuity, the remote work experiment, critical infrastructure and policy - all areas to which the pandemic has attracted an increase in cybersecurity attacks - particularly of the ransomware variety.
The SolarWinds incident was the cyberattack heard around the world covered in every major tech and business publication from the Wall Street Journal, BBC, Financial Times, Le Monde and FAZ to the South China Morning Post. According to Raphael Satter at Reuters, SolarWinds has spent an estimated $18 million dealing with the hack fallout. And there is still no end to the repercussions in sight. We thought this was big. Then Colonial Pipeline, JSB, Kaseya…I trust I needn’t go on.
The industry and society are finally (I hope) realizing that cyber resiliency more than cybersecurity is the key to being secure by design. And if they’re not, in the words of one former FBI director, “lordy…” As organizations come to terms with the fact that they will eventually be breached, no matter what, the question becomes, are they equipped to handle the incident, bounce back from it and continue to thrive with minimal disruption to their operations – and minimal loss.
Right now security companies have a huge opportunity to take up the position as one of THE go-to-market leaders when it comes to cyber resilience and holistic cybersecurity strategy and support. And there is an incredible appetite within the industry and the media landscape for the kind of insights only certain organizations are equipped to provide. You, because if you’re reading this you are definitely one of those shining thought leaders right, simply need to be in the right place at the right time with the right positioning and assets to back it all up. Oh and something interesting and unexpected to say. Have a point of view, yeah? You know, something that goes beyond, “I told you so, didn’t I tell you to patch that #*!@?”
Now is the time to put a stake in the ground and tell the industry what we’re doing wrong, why it’s not working and what we should do next. Oh and of course why we should give a #@$&. Because let’s face it, many clearly just don’t.
To do this, your organization needs in its handy strategy toolkit - a global PR partner. Funnily enough, I happen to work with one such agency. I like to think of what we do as black ops. Ping us. You’ll thank me later.
Oh, and thank YOU for patching those known vulnerabilities.