Could Your Company Survive a Cybersecurity Breach?
October 20, 2022
Since 2004, October has been known in the US as Cybersecurity Awareness Month. Other regions of the world have followed this example and today it is almost universal across the world – every October is a time to focus and educate the public on how to avoid a cybersecurity breach.
The theme this year is ‘See Yourself in Cyber.’ This is an interesting focus because it’s not technical or focused on networks. This theme reflects the fact that everyone has a role to play in keeping their company secure – even if their day-to-day job has no direct connection to cybersecurity.
According to the Cybersecurity and Infrastructure Security Agency’s (CISA) website, “this year’s campaign theme demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people.” Through this campaign, the CISA highlights the key actions people should take, including enabling multi-factor authentication, using strong passwords, recognizing and reporting phishing, and keeping software up to date.
It’s easy to see why cybersecurity is now on the boardroom agenda. Just look at the news from recent weeks – examples of cybersecurity problems are easy to find in the mainstream media. There is no need to look at technical journals – this is now reported as a regular news story.
The IHG hotel group was hacked – apparently “just for fun.” IHG operates over 6,000 hotels globally and includes brands such as Holiday Inn, Crowne Plaza, and Regent. The company systems were protected by a single password ‘Qwerty1234’, and this was initially a ransomware attack. IHG refused to pay the ransom, so their hackers wiped their database clean.
Attacks such as this don’t just cause disruption to operation systems – such as customer service or bookings. There can also be a danger that intellectual property and future products plans are revealed. This is exactly what happened last month to Rockstar Games. Their systems were hacked and development plans for the latest game in the Grand Theft Auto (GTA) series were openly published. This is a product that remains in development and has already seen several years of investment.
Rockstar and IHG will survive these attacks for different reasons. Rockstar obviously didn’t want anyone to see what they have been working on, but now that some previews are out there, the company can position the leak as an illicit look at the next version of GTA. However, they can only do this because GTA is such a well-established brand – for some games publishers, it could be an existential crisis to release the secrets of their new game before it is ready.
The data breach is more troubling for IHG, especially the very poor password security. However, their sheer global scale is likely to ensure they can carry on after conducting a security review. A smaller hospitality business could struggle to recover from regulatory fines and customers turning to alternative brands that take more care of their personal data.
The cost of a cybersecurity breach will be different in each case. Even the companies that are big enough to ride out the damage, such as IHG, will face a financial hit. Fines, the cost to customer loyalty, and the immediate impact of an urgent security review will all hit the bottom line. IBM estimates the global average cost of a data breach to be around $4.35 million, which is up 12.7% from 2021. The US average is almost $10 million.
It makes far more sense to be ready. Assume that someone will eventually target your company, either for a ransom or just for the illicit thrill of causing damage for the sake of it.
Networks today need automated intrusion detection, frequent penetration testing, vulnerability scans, and a constantly changing defense strategy because the threat is always evolving. A single password isn’t enough, even if it were more complex than just typing the top line of your keyboard.
In the past, some executives felt that hackers needed a reason to target specific companies, but this is no longer true. They may just be causing disruption for fun or in an attempt to claim a ransom, or just to see your upcoming products. The assumption today must be that all companies are vulnerable. Could your company survive a data breach, both from the perspective of the recovery cost and the loss of trust in your customers?
Many mid-sized companies simply don’t have the in-house expertise to implement a full-fledged cybersecurity review, remediate known vulnerabilities or stay up to date with ongoing cybersecurity protection.
WatServ’s CloudSecure suite of services was designed with all the above in mind.
Whether it’s an initial assessment, rapid remediation or the need for ongoing protection, our team can help. Get started today.
WatServ is an IT solutions provider that helps organizations digitally transform through cloud technologies and managed services.
Serving clients as a trusted advisor since 2006, WatServ provides experience-tested, strategic solutions across all stages of the digital transformation journey. Clients choose WatServ to migrate infrastructure and applications to the cloud, secure critical data, implement disaster recovery, deploy virtual desktop, enable data-readiness for productivity solutions and manage IT environments.
Our clients span a broad range of industries, and we’re a global supplier of IT services for many Brookfield Portfolio Companies. To help our mid-size clients, we provide scalable offerings that simplify cloud adoption and drive business optimization. For enterprise clients, we co-create cloud solutions that enable stability and efficiency for complex IT tools and processes.
With more than 15 years of experience, WatServ has a track record of delivering quantifiable business results and a superior client experience. Ranked as one of Canada’s Top 100 Solution Providers for the last three years in a row, WatServ is always on.