When cybercriminals caused the shutdown of the Colonial Pipeline, they captured more than a portion of the nation’s fuel supply. They grabbed the attention of virtually every industry leader who faces cyberthreats.
Experts say they are right to worry.
“We are on the cusp of a global pandemic,” Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency, recently told Congress.
The threat is not a biological disease in this case but rather digital.
No company is safe from ransomware. Preventing even bigger future attacks will require a so-far elusive degree of coordination between the public and private sectors in dozens—if not hundreds—of countries.
“Cybersecurity will be the issue of this decade in terms of how much worse it is going to get,” IBM CEO Arvind Krishna said recently.
Analyst Allie Mellen said companies’ main strategy is to pay up if hit—and to try to be slightly less vulnerable to attack than their competitors. “What do security pros do right now to lower their risk in the face of future ransomware attacks? Outrun the guy next to you,” Mellen said.
Association partner Sentry recently introduced an online cyber liability resource available to members who are policyholders. Through a relationship with Enquiron, Sentry is offering a library on topics such as phishing, ransonware, privacy, passwords, hacking, malware, and threat analysis. Policyholders also have access to:
- A cyber risk assessment template
- Online cyber training for managers and employees
- Phishing security testing, and
- An incident response plan template.
To learn more about this resource, contact Sentry at (715) 346-6985.
“There is no silver bullet for solving this challenge,” says a report from the Institute for Security + Technology. “No single entity alone has the requisite resources, skills, capabilities, or authorities to significantly constrain this global criminal enterprise.”
While the work continues with the National Security Council as well as technology organizations—private and public—companies must be aware of the risks and proactive in addressing them.
Sources: Axios, Sentry