Today, The New York Times published an article (both in print and online), “Struggling to Recover from a Cyberattack”, a real-world account of how one organization dealt with a crippling cyberattack, driven by an insider. After MyBizHomepage was hacked, its founder, Peter Justen, considered declaring bankruptcy or shutting down. Our CEO, John Mutch, provided the walk-off quote for the article. His excerpt below:
John Mutch, chief executive of BeyondTrust, a global provider of security software: “Unfortunately for Mr. Justen, he probably needed to lock the system down before firing his C.T.O. If he decides to go forward, he should consider building role-based security around his company’s critical assets that limits who can access what.”
This is a topic not to be taken lightely. Cyber attacks are a major concern for security and compliance folks (and quite frankly CEOs and board members) everywhere. For much of the industry it has become a “when” situation, not an “if” when it comes to cyber attacks. It’s safe to say this article will be passed around for some time.
So what steps/systems/actions do you have in place now that limits access and control to such sensitive data and systems? I’d love to hear your thoughts so please comment below.