A couple of years ago, some client work led me to a fascinating conversation with someone who’d headed criminal investigations and cybercrime at the FBI. Do you know how many companies had refused to pay ransomeware attackers up to that point?
Zero, he said, and most companies don’t know how close they are to being the next victim.
The next Colonial Pipeline, if you will.
I’d planned to write about cybersecurity business this month, but that debacle shifted my focus to cybersecurity IN business. Coincidentally, South Carolina’s Small Business Cyber Security Summit occurred the day Colonial announced it was finally pumping again, albeit $5 million poorer.
Of course, Colonial came up throughout the summit, which was hosted by Clemson University. But almost as enlightening were speakers’ references to siblings and spouses hit by ransomware at their nonprofit or small business. Do you know how many small businesses in our community are proactively addressing cyber threats? You know: not nearly enough.
There are plenty of tech solutions to mitigating external risk, but the big threat is people who still don’t get what risky environments we’re all working in. Psychology trumps technology. That’s why the guys at Greenville-based Hook Security are making a valiant effort to popularize the idea of “psychological security,” and I hope their #psysec catches fire someday.
To simplify, consider this summit takeaway from Rob Cheng, computer industry and virtual business veteran. He said, “Companies aren’t targets; their security holes are.”
Ladies and gentlemen, we are the holes.
If you’re interested to learn more, check out the summit replay.
This article originally appeared in Upstate Business Journal.