Page 8 - GS220101
P. 8

ReadersSpeak














                                                                   Heads up on cybersecurity

                                                                            he following is excerpted from insights
                                                                            Jeffrey J. Engle, chairman and president at
                                                                            Conquest Cyber,  https://conquestcyber.com,
                                                                   T sent to emphasize the critical need to secure
                                                                   our infrastructure.
                                                                   "If you’re waiting for a cybersecurity 9/11 or a
                                                                   ransomware Pearl Harbor to punch us in the gut,
                                                                   wake up. The equivalent has already happened. More
                                                                   than one, in fact. Maybe SolarWinds and Colonial
                                                                   Pipeline didn’t have the devastating visuals of those
                                                                   other American tragedies. But they exposed deep
                                                                   vulnerabilities in how we run our world and live our
                                                                   lives. We’ve allowed foes to infiltrate our infrastructure
                                                                   and stay there, undetected. And our response? We issue
                                                                   fines.

                                                                   "However, if we give the problem our full attention and
                                                                   the right level of risk management, we can mitigate the
                                                                   worst impacts—or stop attacks altogether. So, where do
                                                                   we start?

                                                                   "First, this requires a World War II-level of mobilization:
                                                                   either you’re in the fight, or you support the fight.
                                                                   Second, our critical assets like government agencies,
                                                                   the power grid, hospitals, banks, the defense industrial
                                                                   base, and other infrastructure  and  industries  need to
                                                                   ask themselves: What’s on your network? What assets
                                                                   are supposed to be connected? Who’s on your network?
                                                                   Is everyone working remotely supposed to be there?
                                                                   What data are you trying to protect? These are the most
                                                                   basic elements of cyber hygiene.

                                                                   "Third, we need to shift people’s mindset to solve
                                                                   problems with a risk-based approach. Too many
                                                                   decision-makers stick to the way they’ve always done it.
                                                                   Too many institutions choose the probability of a fine
                                                                   over the cost of change, even though it’s much more
                                                                   costly to recover from an incident than prevent one.

                                                                   "Achieving constant cybersecurity effectiveness, not
                                                                   just compliance, is eminently doable. You must pick up
                                                                   new habits and ditch old ones. We need to start now,
                                                                   because the attacks won’t stop. Let’s not wait to take
                                                                   action until something worse happens."
                                                                   How vulnerable are you?

                                                                   How  vulnerable  is  the  U.S. infrastructure  right  now?
                                                                   What are you doing in your sphere to secure networks
                                                                   and data? What should others be doing? Let us know at
                                                                   greensheet@greensheet.com.

        8
   3   4   5   6   7   8   9   10   11   12   13