(Editor’s note: A version of this column was first published on PBN.com on Aug. 16.)
As the speed of business and the rate of technology adoption increases, so do the risks to businesses of all sizes, their clients and employees.
Yet many business leaders still have not taken desperately needed steps to protect against modern-day cyber-risk.
Why is that? Because criminals mostly target only big companies based in major cities?
Right here in Rhode Island, our very own Narragansett Bay Commission recently paid a $250,000 ransom to end a cyberattack.
And the R.I. Public Transit Authority paid cybercriminals a reported $170,000 in ransom in a 2021 data breach that affected 22,000 Rhode Islanders.
There was a reported 1,070% increase in ransomware attacks nationwide in 2021, when many enterprises moved to hybrid workplaces. And now, it takes 68% longer to respond to a security breach when more than 50% of your workforce is remote.
Cybercrime is consistently listed as one of the major business risks keeping in-the-know CEOs and board members up at night.
Many more business leaders, however, don’t even know where to begin to protect themselves.
But in a day where directors and officers are facing civil and criminal lawsuits stemming from cyber incidents, you must ask yourself: Do I know the current cyber-risks my business faces?
How are you handling the responsibilities and due diligence necessary to manage cyber-risk and the responsibilities that you have to your clients, shareholders, investors and employees? Is your organization handling information security oversight and its budget appropriately and up to today’s standards?
Can you readily articulate the awareness of where your risks are, your plan to remediate those risks or when an incident has happened? Are you in a targeted industry, or having trouble getting cyber liability insurance?
If you don’t know the answers to some or all these questions, then you may be flying blind to your current cybersecurity risks.
As a seasoned leader in the cybersecurity, risk management and information technology industries, I am partnering with Providence Business News to offer some guidance each month.
This column will seek to educate readers on key strategies to shape your business resilience, organizational risk and cybersecurity plans to bring your company in line with today’s needs.
These core strategies will help ensure that your organization is positioned to be prepared and resilient from these risks, even as our business environments rapidly change, and the threat landscape broadens.
Each month I’ll discuss critical topics that executive teams need to be considering.
We will talk about the most up-to-date cyberthreats and how to evaluate what risks your business currently faces.
We will cover cybersecurity risk management strategies and how to assess your existing cyber capabilities to mitigate those risks.
Most importantly, we will cover cyber-risk tolerance, and the desired business outcomes that executives should be discussing – and designing strategies around building a resilient business.
While cybersecurity is a very complex topic that lives in the crossroads of information technology, corporate risk, legal, compliance, human resources and more, we aim to help demystify these subjects so you can build resilient organizations that can withstand the intense levels of cyberthreats that we all face today.
Jason Albuquerque is chief operating officer of Pawtucket-based Envision Technology Advisors LLC. You can reach him through www.envisionsuccess.net.