Expert: MSPs and Tech Providers Will See More Security Concerns from Customers

Michael Buratowski

If you sell any services or products that are delivered through or connected to the internet, then be prepared to face more questions from your customer base about security in the coming year. That was the message that Michael Buratowski, senior VP of Cybersecurity Services at Fidelis Cybersecurity, gave the audience at Continuum’s Navigate conference last week.

Don’t think your clients are safe from cyber attack because of their size. According to Symantec’s 2015 Internet Security Report, 43 percent of all spear-phishing attacks, where email-spoofing is used in an attempt to gain access to data, were against companies with fewer than 250 employees. Buratowski cited other statistics to show why every business should worry about cybersecurity:

  • The average cost of a lost or stolen record is $217.
  • Hiring people to hack an organization is cheap: $500 to hack a website, $200 to hack an email address, or just $50 per day to run a persistent denial-of-service attack.
  • There were 362,000 ransomware attacks in 2015, and they are growing at a rate of 35 percent.

Most companies don’t have the people, technology, and processes in place to adequately protect against cyber attack.

Part of the reason Buratowski sees demand for security services going up is concern over liability. Companies that are breached are at a disadvantage when sued if their security was sub-standard. “Focus on what is responsible,” said Buratowski. “That’s the sweet spot. You can defend yourself in court if you can say I did what was reasonably expected for a company of my size and revenue.” By “responsible,” Buratowski means that your security needs to be somewhere between the minimal standards of security compliance and total lock-down.

This trend could be a boon for managed services providers (MSPs). Buratowski quoted a Gartner report that predicts 50 percent of MSPs will offer managed detection and recovery (MDR) services by 2020. Separately, Continuum announced it will be releasing security services that its MSP partners can deliver through its platform.

Early detection is critical. “You need to see [an intrusion] as early as possible,” said Buratowski. “The time from initial breach to discovery averages about 200 days.” During that time, the intruder has time to gain fuller access to an organization and do more damage.

Just as important as preventing security incidents is having a plan of action in the event that you or a client has one. “You need a strong incident response team,” said Buratowski. That team would include someone at the client, legal counsel, law enforcement, and any third parties that you involve. He suggests establishing a relationship with a legal expert so that you can bring that person in quickly when the need arises. He also told the audience to find out who is responsible for handling cyber crimes at the local police. Building a relationship with that person could be critical when a breach happens.

Michael Nadeau
About the Author
Michael Nadeau is a contributing editor for ENX Magazine.