Don't Pay the Extortionist
James Chavis
IT Executive / Cybersecurity / Project Management / Threat Mitigation / Training / Business Automation / IT Strategy
Not less than 24 hours from my post yesterday we were assaulted again by Russian bad actors with another Ransomware attach. This, time it was an attack on a meatpacking plant tomorrow it will be the National Grid and rolling blackouts will occur in the middle of a heatwave, water filtration plant, traffic lights, hospital safety apparatus, etc. We focus too much of our military and industrial dollars on the physical threat and the potential of a physical attack from bombs, missiles, and guns, but avoid the rate of the vulnerability of our connected landscape.
Here lies the issue and the solution that is being ingnored. There are a load of cyber-educated members here in the US that can help slow the threat down. If we put these people in the slots needed to slow the threat we can at least have a frontline in place to mitigate and monitor the warning signs. Our problem is that industry leaders lack the knowledge to understand their own vulnerability, the science behind the threat landscape, and fail to admit that they as industry owners " Don't know what they Don't know" So they have a head in the sand attitude about cyber defense and their own failure to hire key people to help organize and plan their business safety needs.
The Feds use to hire qualified people and allow EOD (Entrance on Duty) intermittent security clearances to close the gap. Now, the price of a clearance has gone up and the EOD process has gone down. Not being responsive, thereby limits placing qualified men and women in jobs that are needed now more than ever. The IoT (Internet of Things) is growing you'll have to decide safety or losing money. The hacker community is growing, it's a quick way to make money or get rich off your ignorance and fears. My suggestion fill the gaps soon and stop letting the certifications dilemma be the whole in the dyke. Time and investing in training support will cure that issue. Also, don't pay these extortionists you'll just encourage more of them to pop up. Plug the cyber gaps and stop the digital bleeding of industry and government infrastructure.
RenSysInc.com post