We live in an era where threats come in ways we never predicted. In the past five years, we have been witnesses to the emergence of Cyber threats and attacks by “hackers” across all platforms and all business, whether Healthcare, Government or the Private/Public sector. The one thing we know to be true: no one is immune.
Admiral Mike Rogers, Director of the National Security Agency, Commander of the U.S. Cyber Command and Chief of the Central Security Service, commented in an interview that “what keeps me up at night is not whether or not we will get hacked and data stolen, but the manipulation of data.”
With that in mind, one thing is clear – Cyber threats, attacks, and hacks are not just about IT. While Cyber has traditionally been the domain of the IT group in an organization, that is no longer the case. Now when a Cyber event occurs, multiple aspects of the business can be affected: finance, risk, insurance, public relations communications, social media, the executive suite, the board of directors and supply chain. As a result, Vantage Point has been conducting Cyber exercises for several years that include scenarios with multiple areas of the organization impacted or engaged.
The best way for any organization to prepare for a Cyber event is through exercise and testing of plans. There is no software or hardware solution available that is 100% fool-proof, as the human element will always involve a certain amount of risk. Education and testing of policies through exercises, helps organizations determine the “weak links” in their policies and procedures so they can then take corrective actions to reduce their risk.