Ransomware is one of the biggest threats to companies today, Cyber Security Specialist Sam Curry said to attendees of the Think Like a Startup: Mitigating Cyber Security live fireside chat.
“Because there’s a business behind it,” he said. “It has made money and has been used aggressively by everyone from cyberterrorists to hacktivist criminals.”
Like the bank robbers of the past, today’s ransomware culprits target organizations with money – from firms, like SMBs, to nation states, for instance, Russia’s attacks on Ukrainian digital infrastructure.
Ransomware and other cyber security threats are becoming more advanced, accessible, cheaper, and a looming problem for any business wanting to protect itself.
In the webcast, hosted by Onshape co-founder and current Chief Evangelist Jon Hirschtick, Curry, who is currently Chief Security Officer at Cybereason, explains how all businesses – from startups to those who want to adopt startup thinking – can tackle cyber security at any stage of their business growth.
Develop Relationships with Cyber Security Experts
“The biggest problem in cyber isn't actually technical problems,” he said. “It is the gap between the security departments and the business. It is that cyber risks today are really business risks.”
In the technological age, he says, it’s impossible to separate digital from physical and vice-versa – everything is interwoven.
While aware of cyber security’s importance, there’s no need to spend big money on hiring a full-time security expert or installing the latest malware detection software.
However, you should “have the CSO dialogue starting on day one,” Curry said, so when the day comes, you have someone who knows the business that can give solid advice.
Avoid Becoming Office of ‘No’
As business leaders, it’s easy to fall into the trap of saying “no” in an effort to avoid taking on too much. This could be a fatal mistake when it comes to cyber security.
Instead, Curry advised, to take on the very first step to protect yourself: Go on LinkedIn, research experts who can help from the very beginning, then reach out for a phone call.
Cyber Security as a Guide Not an Obstacle
A growing company may view tackling cyber security as slamming on the brakes on a moving car.
But that mentality needs to be adjusted.
According to Curry, growing a company within the guidelines of the best cyber security practices allows it to flourish in the future and avoid being exploited for vulnerabilities.
This way, by taking care of the bad, teams can focus on the good.
Focus on the ‘Optimal Spend to Reduce Risk’
Cyber security risk never gets to zero, according to Curry.
‘In cyber, unlike the rest of IT, we have an intelligent, adaptable opponent who’s motivated,” Curry said. “What we’ve got to do is make it not as interesting for them to do it.”
Even if you spend millions of dollars on the most secure technology, there will be someone trying to find its weaknesses.
“The idea is an optimal spend to reduce risk,” Curry said. “And then you get diminishing returns.”
Think of it as protecting a vehicle from a break-in or from being stolen – you would lock the doors and set the alarm, but you wouldn’t hire an armed guard.
When deciding on cyber security defenses, consider the options that reduce risk and impact, while fitting into the financial plan.
Protect Your Startup From the Get-Go
Most large companies will have developed a risk registry that outlines the bad things that could happen with instruction on how to handle it.
Startups won’t have the same information – yet.
Researching and securing a trusted cyber security expert is the first step in preparing your company, your team, and your future for any possible cyber threats.
Learn more from Curry by listening to the full, on-demand webcast on YouTube or LinkedIn.