A critical software vulnerability has been identified and is considered to be one of the most widespread security concerns in recent years. It is gaining global attention due to the prevalence of the code within almost every major technology vendor in the market.
In part one of this blog, I outlined the reasons why organizations need an Incident Response Plan (IRP). Any organization that stores Personally Identifiable Information (PII) or private financial data needs to have a plan in place for when (not if) they are hit with a cyberattack.
When faced with this decision on how to respond to a ransomware attack, the focus must turn to your answers to key decision factors. I’ve typically been of the opinion not to pay or negotiate, as this is what is giving the cyber criminals the ongoing incentive to continue in this ransomware business. Now that I’ve seen the impact of a serious attack on critical infrastructure, I’ve reeled back and realized that we have to consider many variables that make this a per-case decision and not simply a jump to “don’t pay”.
As a cybersecurity specialist, I make it a point to never intentionally scare customers. I don’t like the idea of drumming up business by playing on people’s fears and painting a dire picture of the world in which we live. My approach is to educate them about the reality of challenges they are going to face. I say this because when I describe the current state of cybersecurity threats in the world today, it could easily be mistaken for intentional scare tactics. I assure you, it is not.