I’m always looking for more attack angles into the network.
What is the weakest link?
To know the answer to the question we need to investigate what Risk = likelihood * impact is in our organization.
It is more exciting to talk about higher productivity, faster computers, and sales of product xyz. But a weak link has to be monitored or it can become a disaster of your own doing. The Internet has improved productivity (and made us social media hogs) but also has allowed our computer environment to be affected by all the Criminal people of the world.
I have mentioned this in the last couple of posts, but Small business does not seem to get the message.
There are so many things to do in a small business just to stay afloat or to grow, that working on a backup strategy is just not important. How does a backup help sell product “xyz”?
It may not help selling or operating a business, but when an IT failure occurs will it be an annoyance – “recover the data please”? Or will it be a disaster and then we have to say things like… the computers are not operating right now… we are working using the old paper based methods. A few years from now this will not work, as Credit cards increasingly need a network to operate.
Getting the following message might make you pay the ransom, thinking you will have solved the problem ‘on the cheap’
But if it happened once, it will happen again. You better fix this issue of management willpower. 60% of small businesses fail within 6 months of a Ransomware attack. There is a reason for this phenomena. The weak link is the ignorance of the problem.
As you can see the sophistication of criminals will get to the point that they will charge more for Ransoming your own devices back to you. If management does not have the willpower to create the processes of sophistication to defeat digital Criminals (and major disasters). Then it will only be a matter of time and circumstances when the hole dug is going to be too deep.
Thus my conclusion is that the true “Weak Link” is management thinking itself. A minimal amount of time could be spent on defensive preparations, like 10% which I have recommended before: http://oversitesentry.com/what-is-your-budget-in-preventing-unforeseen-attacks/
Contact Me to discuss this phenomena.