“We need to be open.”
That’s a short response that a business owner said to the FBI after they were a victim of a ransomware attack. Let’s backup a little in the story to get the full picture.
Background
A friend of mine in the insurance business told me this story about an interaction between a business owner after they fell victim to a ransomware attack. After the company realized that they were a victim, they called the FBI for assistance. It was a Friday, and the FBI said that they could be out on Monday to start their investigation. The business replied with: “we need to be open on Monday.” Now, the fact that the attack was ransomware in nature, that left the option for the company to pay the ransom, unlock their data, and be ready for business on Monday. The FBI told them not to pay the ransom, but the company yet again replied with “We need to be open.”
The Perspectives
The two perspectives are this: the first is that of the business owner. They’re intention is to run a business. They strive to provide better services or products and increase revenue, while reducing expenses and risk. Cybersecurity falls squarely in the expenses and risk category as its a means to an end. Cybersecurity is an object that exists in their view.
The other perspective is that of the practitioners. Their view is mainly filled with cybersecurity – what is a part of (ie: a business) is a distant object on the horizon.
Conclusion
Aligning these two views can be difficult. Usually the business view will win, but at the risk of leaving the cybersecurity folks under resourced (ie: vulnerable) and a bit jaded. Understanding how to best utilize cybersecurity as a tool for a company is critical making sure that cybersecurity can best perform its main function: reducing risk to the organization.
If you found this article interesting, check out some other posts:
- Thoughts on the CrowdStrike Outage
- 5 Unique Cybersecurity Threats You Need to Know to Protect Your SMB
Or head over to the Contact Us page if you have a particular question that you would like answered.