Breaches And Business Continuity
Jeff Schmidt, CEO, Phoenix-based Avertium, No. 405 on the 2021 CRN Solution Provider 500
I think there are a few challenges, specifically with our customers is resources and keeping up the pace with the evolution of technology, digital transformation, and the modern workplace. This is why they turn to us to help offset these challenges and become part of their team.
As an industry, top of mind with security professionals and business is ransomware/breaches. The media has created a huge awareness around this topic that permeates the top-level leadership and boards. This is concerning and somewhat a disservice to security being an enabler versus spreading fear, uncertainty and doubt (FUD). In my experience, organizations need to step back and have a security strategy from their infrastructure design, to ensuring visibility and coverage across their ecosystem (internal and 3rd party), to the right tools to measure what good, better, and best look like for cybersecurity and continuous exercising of this motion to ensure the muscle memory doesn’t get lethargic.
This leads to the second area, which relates to how many companies don’t think of cybersecurity as part of their business continuity strategy (what happens if my business or data center encounters a disaster?). Cybersecurity must be included as part of this, specifically knowing what the ground game is and the playbooks to be used in the event of breach by a bad actor. Simple questions and assignment of ownership of who makes what calls. (i.e., what systems can be shutdown, what networks can be taken offline, who owns legal ramifications, who owns PR, what customers and revenue is impacted, how long can we operate like this, do we have cyber insurance for this, who am I calling in the event of this – this last one is really the wrong time to be picking your partner who holds your fate).