Landmarks

Riverbank Ruminations; Observations from The Banks of The Technology River

Tom Evans ~  Ashton Engineer Emeritus

 When you go on vacation, especially a driving vacation, landmarks can be one of the things you search out. You might go to Mount Rushmore, the Grand Canyon, the Golden Gate Bridge, or maybe even the world’s largest ball of twine. There are any number of famous places with their outstanding feature(s) that makes them a landmark. Dictionary.com has several definitions for the word landmark. Two of them are:

• a building or other place that is of outstanding historical, aesthetic, or cultural importance, often declared as such and given a special status (landmark designation ), ordaining its preservation, by some authorizing organization.
• a significant or historic event, juncture, achievement, etc.:

The first definition relates to what we might travel to see. If we are driving, we may see accidents along the road. These can range from a fender bender to some massive multi-car pileups that make national news. Our reaction is probably ‘Glad that wasn’t me’. They may even serve to make us a little more alert while driving so we don’t suffer the same fate. Even if we see accidents locally, however, we seldom know those involved and unless we do know them, it is unlikely we will follow up on the consequences of the accident. We may not take the event as a lesson to learn from. It may not impact us at all.

The second definition is the one I wanted to concentrate on. We have had two security events that could be considered landmark events. The SolarWinds supply chain attack and the Colonial Pipeline ransomware attack stand out for several reasons but mostly due to the magnitude of the consequences. If you have any interest in security matters, you don’t need me to delineate the consequences of the SolarWinds attack. Numerous large companies and government agencies suffered exposure due to the compromise. Who knows if we know the full extent, even now.

Learning From Landmarks

The Colonial Pipeline event was notable for the extent of the disruption to a critical infrastructure entity. The fallout was gas shortages in many states, the extent of which have not been seen in years. Things have returned to normal for those affected by both events. The question for us is: ‘Do I see these events as just an accident on the highway or do I recognize them as landmarks?”. The difference comes from what we learn. Landmarks usually have some historical significance that we learn of, either on-site or beforehand. Visiting some landmarks can be an emotional experience for some. Usually, the experience is beneficial in some way.

Accidents along the highway, unless we are directly involved, have little long-lasting effect on us. We see them, we may feel sorry for those involved, and we move along. We soon forget the accident, even if it was a major one.

If the constant barrage of data breaches and ransomware attacks don’t have any more effect on us than an accident on the highway, then we should at least learn from the landmark incidents. Even if we don’t do a deep dive on the numerous articles that analyze incidents like these, we can use them as a wake-up call to do some review of how secure we are. If a company whose existence centers around security can make some poor decisions that contributed to them being compromised, how likely are we to make some poor security decisions? Businesses exist to make money, not concentrate on security. With the attacker situation being what it is, security needs to get higher priority than it has had in the past.

Can Your Small Business Afford A Data Breach?

If your small business gets shut down by ransomware, will the east coast of the US get impacted like it was from the Colonial Pipeline event? Likely not. However, your employees will be affected. Your ability to insure your business may be affected. Your customers may be impacted enough to seek other vendors. Unfortunately, many small businesses go out of business after an attack. Some articles put the figure at 60% of businesses that are breached having to close their doors within six months of the attack.

What can you do? If you have an IT department/person and they have been trying to get you to upgrade your security, give them a listening ear. Yes, security looks like a cost. So is fire insurance. Imagine you have had an inspection of your offices by the fire department and they say you have some issues that need attention. You don’t fix them. You have a fire. Will your insurance cover the damage? Cyber-insurance is heading that way. More insurance companies are assessing your efforts to see if you are doing your best to protect yourself. If you are not, at the bare minimum, your premiums will increase. At worst, you’ll become uninsurable.

What if you don’t have an IT department/person, or they are not experienced enough to do the needed security work? Get with a trusted adviser, someone with a track record of being able to get you secure. The question is not if you get breached, but when you get breached. We are in an arms race with bad actors and they have an advantage over the good guys. The good guys only get to make one mistake before there are bad results. The bad guys can fail over and over again without consequences. Eventually, they will find an open door and get in. Maybe not into your network directly;  they may come in via one of your suppliers or customers. In any case, the onslaught is unceasing.

Don’t mistake a landmark for a minor accident. Learn from them and take action.  If you’re concerned about the security of your network, systems, or data, call Ashton Technology Solutions at 216 397-4080.