Scary Cyber Stories: Lessons from the Field (Part 1)

Cyber and information security breaches have been on the rise for the past several years, but due to the COVID-19 pandemic, such events have accelerated. With increased remote work and high employee stress levels, cyber criminals are taking advantage of vulnerabilities. In order to help organizations overcome emerging challenges and support them in their journey toward increased cyber readiness, we are sharing a series of scary cyber stories throughout October in recognition of Cyber Security Awareness Month. Don’t let these scary cyber crimes happen to your organization!

Over the past several months, many of our clients have informed us that their systems have been hacked. One of the common themes among these client incidents has been outdated IT hardware protection systems.

One client, for example, had their system locked up with ransomware for several days. After a great deal of negotiation, the company ultimately had to pay over $100,000 to the hackers. The client also spent a significant amount on cyber-related forensic and remediation services to deal with the issue. Additionally, they did not have operational capabilities for an entire week. The end result was an approximate $1 million loss, after factoring in all costs.

Key weaknesses for this client included their lack of effective IT system hardening efforts and neglecting to ensure proper tools were deployed on their computer systems. The client had the most current anti-virus systems on all of the company’s machines but their firewalls were not updated with proper rules. Given their increased reliance on remote work due to the pandemic, their employee and mobile devices lacked sufficient endpoint protection software. This software is a key factor in today’s remote work environment and better protects intruders from gaining access to corporate networks.

We had spoken with this client on several occasions over the past few years, emphasizing the importance of having a proactive cyber readiness plan in place, but no plan of action was implemented due to other ongoing business priorities.

The key takeaway from this client’s situation? Cyber security should be prioritized within your organization; don’t take your chances. Educate your management team about potential cyber-related risks and devise a plan to be better prepared.

To help you develop a better understanding of your organization’s cyber and information security risks, our Technology Solutions Group has created a Complimentary Readiness Assessment. This assessment can lay the foundation for developing an effective cyber and information security plan for your organization, and help you avoid having a scary cyber story of your own to share!

Find out your cyber readiness score by taking this health check. Your scorecard will be ready in 48 hours for your review and planning.

***

If you would like to inquire about attending the above event, or you’d like to discuss your organization’s cyber needs, please don’t hesitate to reach out to Sassan S. Hejazi, Director, Technology Solutions, at Email or 215-441-4600.

Information contained in this alert should not be construed as the rendering of specific accounting, tax, or other advice. Material may become outdated and anyone using this should research and update to ensure accuracy. In no event will the publisher be liable for any damages, direct, indirect, or consequential, claimed to result from use of the material contained in this alert. Readers are encouraged to consult with their advisors before making any decisions.