The Importance of Cyber Security Posture Assessments
Modern companies and organizations need to understand their risk of a cyber-attack. Regardless of the size of an organization, there is always a threat of a cyber-attack. Due to the ever-changing digital landscape, it is important to stay on top of the risk of your company being hacked or having your services interrupted. Understanding how your company will prevent an attack, deal with an attack, and recover its services is all part of security posture. This is not limited to hardware such as computers and servers; mobile devices, applications, and, most importantly, users must also meet security guidelines to keep your company safe. Part of managing a cyber security posture is taking an assessment to understand how strong or weak the organization's current posture is. This will identify the organization's strengths and its preparedness to react to a future cyberattack.
The size of an organization is not always important when it comes to the likelihood of getting hacked. Ease of access is generally what attracts hackers. Small businesses often overlook many of the vulnerabilities in their IT services, making them easy targets. Many businesses also use services from other companies that can be targeted. If those services go down, how will that affect your business? Many organizations struggle to articulate or quantify their risk of getting hacked (Bansal, 2023). Many of the organizations that are most at risk are businesses with legacy tools and systems, such as old servers and computers running on older operating systems. Having members who are spread out globally can also increase the threat of a cyberattack for businesses and organizations. Workers who work from their own devices also increase vulnerabilities.
While working for a small managed service provider in Tampa, I encountered what it was like to have to handle a ransomware attack. Hackers had locked down all on-premise servers, as well as hacked into the services used for backing up the servers. This prevented us from restoring the servers using any previously made backups. Since we were a managed service provider, many of our clients were smaller businesses that did not need an on-site IT technician; they turned to our company to ensure their IT services operated properly. Some clients stored their company data on our in-house server farm, which was locked down due to the ransomware attack. A few larger clients had their internal servers hacked due to having some sort of connection to our main office. Working on the help desk team, I would have to handle many of the calls from irate and unhappy customers who had their business interrupted due to our systems getting hacked. After a few days of exhausting our resources trying to find a way to unlock our customers' files and servers, our only option was to pay the ransom and hope that they would unlock the servers. Eventually the servers were unlocked, but some data was lost and connections were broken due to files on the computer system getting changed during the attack. It unfortunately took a few weeks for some of our clients to go back to operating as normal. A month after the attack, we were still finding issues with some parts of our system or a client's systems.
The company I had worked at that had its services interrupted by the cyberattack lost many clients due to its inability to quickly recover from the attack. Many of the customers lost their trust in the company and eventually decided to look elsewhere for their IT services. I am unaware of any legal repercussions, but that is a possibility when a customer puts their trust in your company and its services and then has their services interrupted due to a cyberattack. As of my time with the company, they were unable to determine whether the attack had come directly at us or whether a client's systems were hacked, which led to our systems. Regardless, our company's credibility was questioned by our clients, and we felt the financial impact of clients leaving.
So far in 2023, cyberattacks have cost companies globally over 4.45 million US dollars (Bansal, 2023). Ransomware attacks are becoming more common and easier for hackers to complete. Security posture assessments are incredibly important to understanding how your company could handle a cyberattack. The assessment can also help determine whether there are any weaknesses in your system that open your organization up to a cyberattack. Assessing your systems and making the proper changes allows your company to maintain a strong security posture. The longer your company can operate without issues, the more profitable and efficient the company can be.