If you are attacked, what’s my worst nightmare?
I am worried, and I need to know that I offered to help those that I’m most worried about.
Why am I worried?
This month, on the island of Ireland alone, we’ve heard about the significant disruptions caused by cyber attacks on Munster Technological University, Virgin Media, and Lagan Specialist Contracting Group.
I am assuming there are many others which are not being publicly reported.
I am not particularly worried about these victims – They are large enough to be able to call in the big guns and they probably had reasonable security in place to reduce the impact anyway.
Who am I worried about?
I’m worried about smaller organisations, especially those with access to information that needs to be kept confidential.
Information that, if it was ever made public, it could cause significant harm to individuals.
When I say ‘harm’, I don’t mean potential financial loss.
I mean the emotional distress to an individual when they believe that their most private information could become public knowledge.
Information such as:
- Medical histories or reports
- Psychological assessments
- Counselling notes
- Sensitive personal data that may be included on application forms
- And yes, financial information too – e.g. information about pensions or bank account balances.
From a selfish perspective, I am concerned that this type of information about me, my family, or my friends could become public knowledge and I have no control over reducing this risk.
Why am I worried now?
You’ve heard of ransomware. And you know that you need secure backups to reduce the impact of such an attack.
But backups won’t prevent the cyber attackers stealing your data and threatening to make it public unless you pay the ransom.
And even if you pay the ransom, do you really believe they will keep their promise?
It is almost a foregone conclusion that if you suffer a ransomware attack today, all of the data that you have access to will be stolen by the attackers.
So what can we do?
I’d love to spend time with every organisation so we can beef up security defences and reduce the risk of an attack succeeding.
After all, it’s how I make a living.
But right now, faced with this rampant threat, this will take too long.
Instead, I need you to focus on these 5 steps:
- Imagine your organisation has been the victim of an attack, and the criminals have told you they stole your data.
- Imagine being able to say the following: “I know we were attacked and it’s a complete mess. But at least they didn’t get their hands on [X].”
- Identify what your [X] is.
- Identify what you can do RIGHT NOW to make it more difficult for the criminals to get their hands on [X].
- Whatever actions you identify in step 4, complete those actions RIGHT NOW.
And what will I do?
I will help any organisation with the type of sensitive data that I mentioned earlier, but doesn’t know how to get through these 5 steps.
If you (or someone in your network) works in such an organisation, I’m here and it won’t cost a penny (dime? cent?).
How will I help?
- We will meet for up to 1 hour (over Zoom or MS Teams) and work through these 5 steps together.
- By the end of the hour, I guarantee that there will be a clear action plan.
- If not, we will meet for another hour.
- And again. And again.
- Until we have a plan.
This is not a sales pitch.
This is a selfish act.
I want to know that I did everything that I could have done to help these organisations reduce the most destructive impact of these attacka on people like me, my family, and my friends.
If you (or someone in your network) could benefit from my help, email me at firstname.lastname@example.org now* and we can get moving on this.
It will cost an hour and it will save a lot of emotional distress.
* I also need to make a living, so:
- I have to limit this to no more than 3-5 organisations per week.
- I’ll allocate my time on a first-come, first-served basis. I will operate a wait / cancellation list if demand exceeds supply.
- I will end the offer in mid-March and review the approach.