Confession: I fall within the 70% of people aged 30-44 that binge watches tv shows, thanks to how easy it is these days. My family and I recently have been enjoying The West Wing, now, for my 3rd time. This past week, as I was rewatching season 2's "The Fall's Gonna Kill You" I could not help but draw parallels between the theme of the episode and the current cybersecurity landscape. Today, let us explore why your organization needs to have a preventive mindset when it comes to cybersecurity, as not being prepared will be your ultimate downfall.
If you are not familiar with the West Wing, here are the quick cliff notes of the episode. President Bartlet concealed to the entire country and his staff that he has M.S., which at the time was impacting his ability to continue to lead. News of this is going to break to the public, and his Senior Staff is trying to figure out the best way for it to happen, while not losing the White House, his Presidency, and still running for re-election. CJ Cregg, who was still processing the news, tells the story of Butch Cassidy and the Sundance kid. In this story, the characters are looking over the edge of the mountain while debating if they should jump into the rock-laden river below. Their concern was whether they will drown when they hit the water, and not the fact that it is the fall that will kill you.
So how does this tie into the current cybersecurity landscape?
Cybersecurity and Infrastructure Security Agency (CISA) reported that ransomware grew 62% in 2021 alone, and IBM's analysis provides that the total cost of a ransomware breach was on average, $4.62 million in 2021. Most organizations acknowledge that if hit by ransomware, they would be unable to financially sustain their business.
Recently, in 2021, we witnessed the largest publicly disclosed cyber-attack against critical infrastructure in the U.S., the Colonial Pipeline attack. This attack resulted in the pipeline shutting down for five days while recovering. Not only did Colonial Pipeline pay a ransom demand of $5 million, but they were shut down operationally for 5 days, and faced reputational damage as the story spread across the US.
If your organization lacks preventive IT policies, when a ransomware attack comes, it is not going to be the actual ransom that hits your organization the hardest. It is going to be the downtime associated with the outage that will be your downfall. After the cyber-attack, Colonial Pipeline CEO Joseph Blount paid the ransom fee the same day because he was unsure how badly the cyberattack had breached its systems.
Key ways your organization can adopt a preventative cybersecurity mindset include:
- Implementing a Zero Trust security model
- Training your users on cybersecurity awareness
- Implementing multi-factor authentication
- Gaining visibility and incorporating monitoring into your environment
- Ensuring all systems are patched and up-to-date
Adopting a preventative mindset prepares your organization to minimize the risk and downtime associated with an outage when one occurs. Dataprise security experts put together a ransomware checklist for before, during, and after an attack. Download the Checklist below.
In the end, President Bartlet stood up and revealed to the country that he had MS and mitigated his fall as much as he could. While he and his staff still dealt with fallout, just as one does in a cybersecurity incident, he was reelected president and was still the Bartlet for America.