Just as it seemed we might be seeing clear skies ahead in terms of the pandemic, another dark cloud began to rise on the horizon. The Colonial Pipeline breach hit the news and many people began to panic. We were all too familiar with uncertainty of the future and last year’s toilet paper rush was replaced with people filling gasoline in plastic containers of all sorts and sizes.
Thankfully, it wasn’t nearly the level of chaos that we saw in March of 2020, but it did bring a lot of things to the surface for people, especially if you’re in the cybersecurity industry. These types of breaches are not industry-specific. It’s important that the humans of the world (in other words, all of us) realize that a breach on a fuel pipeline doesn’t mean that gasoline prices will soar and affect their summer road trip plans (which it might) – it could possibly mean much more in many different ways that aren’t thought of initially.
With the Colonial Pipeline ransomware incident, we saw long lines at the fuel pump and immediate fear of a gas shortage. Thankfully, the crisis was averted for the most part for the end consumer but what if that trickled down to mean no gas for ambulances, or stress on people that drove them to the hospital? Suddenly it’s a healthcare issue. What if you had a trip planned to see your family for the first time in a year and couldn’t get (or afford) gasoline or your plane ticket suddenly tripled in price? We’re all connected in one way or another.
Yesterday, the White House noted the recent shift in ransomware attacks from stealing data to disrupting operations and warned that businesses must take urgent security measures. Cybercrime is everyone’s problem and if it doesn’t affect your office or your Facebook account, it will still affect you in one way or another. One person’s mistake could mean a breach of your bank account. We need to normalize cyber safety and smart practices with regard to the technology that we use in the same way that we know traffic laws and rules when we get our driver’s license. It needs to become second nature, not a stop and panic reaction because there isn’t a second chance once you’ve clicked on a dangerous link. Train your organization to be resilient.
While the Colonial Pipeline made world news, smaller companies often do not disclose their breaches. There is currently no requirement in many cases, so just because it isn't making headlines, doesn't mean it's not happening. And while a small business may not cause a national disruption, data held for ransom still has value if it contains PII (personally identifiable information) or PHI (protected health information) and the cost of that kind of breach can be significant. Use our calculator and see what loss of information on a couple employees might cost you and take steps to ensure your data is protected so you would never need to pay ransom--which is actually advised against by the FBI.
Is your business making cybersecurity a top priority in the workplace? Are you ensuring that your family and friends are doing the same? We must make a collective effort to maintain strength against criminals because we are collectively affected by the crime.