Every era in human history has been acknowledged as a noteworthy point in time, primarily due to those who possess not only wealth and power, but the exploitation of that wealth and power. This new age of digital information is becoming more realized not only on the advancements of technology alone, but a significant element present in all notable periods of human history… War. Wealth and power are what become the puppet master pulling on the strings of overall control and influence. Today’s advancements in computing and Big Data bring us into a new Era of human history dubbed “The Digital Revolution” which is writing history as we speak.
Although it’s often referred to as new, the Bitcoin has existed since 2009 and the technology of it is built on, and has, roots that go back much further. Referred to as “Crypto Currency”, the Bitcoin and others alike are not controlled by any central authority: the decentralized nature of the blockchain makes cryptocurrencies theoretically immune to the old ways of government control, trackability, and interference. This makes cryptocurrency the transaction of choice for cyber criminals. It’s use was what built the digital black markets of the dark web and its tremendously increasing value was controlled by the criminals that exploited its ambiguity. As depicted in the image above, this is one of the most significant catalysts in the Digital Revolution. To put this wealth into perspective – If you had invested just $1.00 in Bitcoin the year it was first publicly available (2009), you would now be richer to the tune of $21 million+ as of today.
The Legal Heist: Like oil, raw data’s value comes from its potential to be refined into an essential commodity. When we join social media apps or websites alike, the LEGAL agreement we make by accepting their “Terms and Conditions” with these organizations regarding what information we give them access to is often mind blowing, LinkedIn being no exception. Big Data companies like Cambridge Analytica claimed to have an astonishing 5,000 data points on our locations, spending habits, and tremendous insight on what drove our psyche towards things ranging from our political views, to what our next purchase might be. Many realizations are demonstrated when we see an advertisement on a social media feed that convinces us that “they must be listening through the microphone on my device!”. The reality is, once the data is refined, we become the commodity.
The Cyber Heist: Increasing instances of identity theft, ransomware, and cyber attacks have such an exponential growth, that it becomes nearly impossible to truly understand what the actual figures are. Only an estimated 24% of ransomware attacks are actually reported while numbers show an increase of 75% since the COVID-19 pandemic alone.
Cyber attacks on information merely hold hostage what is important to us. The most important thing to understand in today’s business climate is that cyber criminals don’t hold your data hostage because its important to them, its because they know its important to you. It’s not about your corporate strategy, trade secrets, your proprietary data, or the info in your ERP or CRM. For cyber criminals, it’s as simple as getting whatever you’re willing to pay to get back whatever it is they hold. This has created a pivotal change in the transfer of wealth and anonymity. The average cost across all businesses is over $80,000 to recover from ransomware. This number derives from 2 very important points in time before and after subjected to a ransomware attack. These points are Recovery Point Objective (RPO) and Recovery Time Objective (RTO).
The Recovery Point Objective is critical. Throughout every hour, our business strives forward in many capacities. Every transaction, conversation, update and email is important. The RPO can be compared to a company-wide “System Restore” or “Time Machine” recovery point. The Recovery Time Objective is the duration it takes your organization to get back up and running as if nothing happened. The downtime in between your RTO and the attack is where countless dollars are at risk. The loss of data in these attacks however only account for half of the problem at hand. These cyber attacks more often hold hostage not just the data, but the means to access the programs, servers, and machines themselves. The first line of defense is a Business Continuity and Disaster Recovery (BCDR) solution. Regardless of what was compromised, a BCDR allows organizations to literally spin up their infrastructure and data in a virtual environment, just prior to the attack.
“In any moment of decision, the best thing you can do is the right thing, the next best thing is the wrong thing, and the worst thing you can do is nothing.” ~Theodore Roosevelt
There’s some harsh truths when it comes to a subject as vast and complex as cybersecurity and I’m going to lay the most real and important one of all on you; Security can’t be bought. As a man of faith, I believe every day alive is a blessing. However, the car I drive has the highest safety ratings in its class, I exercise daily, eat right, and could list countless other preventative measures to safeguard my well-being to better my chances of a tomorrow. My point is that I’ve dedicated my entire career, and life for that matter, to strategies that allow control of things within my ability. Insurance outside of insurance if you will. Yet most of my work is spent helping organizations put preventative measures in place after a ransomware attack or data compromise.
Here’s my own pair of pennies; my nickel’s worth of free advice; my consultative approach to educating the SMB world…
Yes, I am in a sales position, and I extend my gratitude for your attention thus far. Exploring a partnership with Managed IT Service Providers is daunting in itself and the value of those partnerships can be misconstrued often times between “What do I get?” vs. “What does it mean to me?”. I will stress once again that no network is ever safe from compromise. A recent example is Equifax’s 2017 data breach in September of 2017 followed by Experian’s data breach in August of 2020 that, when combined, exposed nearly 171 million of their customers’ most sensitive data. These examples are merely to illustrate that once human intervention occurs, it opens the opportunity for compromise. As a professional in Cybersecurity, my approach and the mechanisms are just as unique as the methods of attacks that are crafted.
The only thing that remains static in business is change. Technology and advancements within the landscape will only move at a faster pace. These advancements will continue to benefit our everyday lives in this age of Digital Revolution. Make no mistake that there will always be those who are willing to go through any means necessary to exploit and weaponize them. This new method of crime and war has a global reach with little regard for the laws that struggle to chase it frantically in its wake.