We really had a hard wake-up call as we updated our web-site. The topic of cybersecurity came up and I did not think much of it since we retain no customer information and we are very rigid about data back-ups and storage. So when in passing I made an innocent inquiry to our I.T. Infrastructure Manager I was shocked by his response - it was like ...
WHAM!!!
It is not a matter of "If" but rather "When". We already see close to 1.5 million site attacks per month which are being thwarted by our firewall. But the ransomware folks are getting trickier and even leaving some ticking time bombs that linger beyond traditional data back-up protocols to get you.
So like us you are not immune. You can purchase insurance, but even with it you'll still have to notify all of your client base you have been breached and at minimum may need to provide credit monitoring to them for free (and this is only the start in order to get your clients to start trusting you again).
Take to time to educate yourself with then following links from McKinsey & Company. So that when your "WHEN" happens it can be quickly mitigated.
New from McKinsey & Company
The drive to digital has raised the stakes for cybersecurity—in the face of threats, what are organizations to do? Amid several recent high-profile disruptions of critical infrastructure and other operations, cybersecurity remains a strategic business issue, with financial, reputational, and regulatory implications. Explore a special collection on cybersecurity in a digital era or dive deeper with a few recent articles for insight on getting it right, including:
ensuring cloud applications and systems are secure
aligning your organization’s efforts with those of external partners
heading off risk in digital and analytics transformations
Security as code: The best (and maybe only) path to securing cloud applications and systems Managing security as code enables companies to create value in the cloud securely. 3 powerful benefits.
In today’s riskier, more connected environment, organizations must collaborate closely with external partners to reduce vulnerabilities to cyberattackers. Challenge the status quo.
While the benefits of digitization and advanced analytics are well documented, the risk challenges often remain hidden. Take a new approach.
Small and medium-size enterprises are becoming an increasingly attractive segment for cybersecurity-technology and solution providers. Capture the opportunity.
Recent cyberattacks focus attention on the vulnerabilities of operations technology to web-based threats. Prepare your organization.
Electric-power and gas companies are especially vulnerable to cyberattacks, but a structured approach that applies communication, organizational, and process frameworks can significantly reduce cyber-related risks. Take action.
Organizations must decide which information-security risks they willingly accept and where to invest to stay in balance. Understand the issues.
To see more essential reading on topics that matter, visit McKinsey Themes.— Curated by Torea Frey, a managing editor in McKinsey Global Publishing based in Seattle. This article contains information about McKinsey’s research, insights, services, or events.