Image Credit: CoRTeZ VpN
Based on what we’ve all be reading in the newspaper and seeing online, I think that it’s pretty clear that anyone who is aware of the importance of information technology knows that Cybersecurity is a big priority for the person with the CIO job. The number of hacks of companies has been on the rise as has been their scale. The possibility of your company being disrupted by an electronic theft is starting to seem more and more likely. Unfortunately for all of us, the line between state sponsored attacker and independent operator is also starting to become blurred. Clearly this is something that CIO’s need to deal with, but how?
Things Have Changed
Back in the old days, the world of people who might attack your company’s IT assets could be broken up into two separate groups. There were the lone hackers who were breaking in for fun and profit and state sponsored attackers who had very clear national objectives. What has happened over the past few years is that the lines between these two groups have been less distinct. The skills and the equipment used by state sponsored hackers are starting to bleed over into the independent operator market.
Back in the day, if someone wanted to break into your network they would have had to gather data, purchase intelligence, perform the analytics, identify the attack vectors and then figure out how they were going to break in. These days all of that effort is no longer required. Instead, the bad guys can now go online and purchase half of the tools that they will need. These tools are being purchased as a service. The only real remaining difference between a lone wolf and a state sponsored attacker is how deep their pockets are.
What’s The Risk?
So just exactly what could the bad guys do if they broke into your network? Often times I think that we believe that they would look around for data to steal and then they would leave. Sort like a hit and run. However, what if they intended on doing more harm to the firm? A while ago the NetPetya attack took out a number of multinational firms. This attack went after the firm’s communication systems. All of sudden video conferencing systems didn’t work. Phones didn’t work. Email could not be sent. This is the kind of event that can cause a board of directors to really sit up and take notice. If the whole company is can be taken out, then you are facing a very large risk.
So what puts a company at risk? The person with the CIO job needs to be spending time taking a look at their systems. You need to make sure that you have instruments on your systems so that you know what is happening on them. CIOs need to be minding their shop. They need to remain involved in their company’s IT operations. Don’t you dare think that if you don’t know what is going on then it’s better not to know. You need to take a close look at everything that is happening in your shop!
It’s All About Politics
One area that has shown itself to be especially vulnerable to hackers has been the political system. From trolls who promote “fake news” to electronic voting machines that can be hacked, the entire system appears to be vulnerable to outside influences. The systems that we use to collect and process votes do not have a lot of sophistication or protection. Businesses can learn a great deal by looking at the IT side of the political system.
It’s not just the gear that is involved in running an election that has come under assault by hackers. The other organizations that are involved in elections, such as think tanks, have also suffered a number of hacker attacks. The good news is that everyone is currently more aware of what is going on in this area in terms of bad guys trying to influence the outcome. The bad news is that because it is politics, there is probably very little chance that there will be much change.
What All Of This Means For You
On top of all of the other things that CIOs need to be spending their time on, Cybersecurity has once again become a major topic. Who is trying to break into your company’s network is starting to change and as the CIO you are going to have to get prepared to deal with them. In order to deal with this threat, you have to first understand what you are up against.
The line between lone attackers trying to break into your company’s networks and state sponsored hackers has blurred in the past few years. These days hackers can go online and purchase most of the tools that they will need in order to successfully break into your network. If they are able to get in they may do more than just steal data. They may choose to disrupt how your company does business. This means that as the CIO you need to be constantly taking a look at all of the systems that make up your IT infrastructure. The world of business needs to take a close look at the world of politics in order to determine how to not do things. The process of collecting and counting votes is wide open to being hacked.
CIOs are the ones who are responsible for keeping their networks secure. The growing sophistication of hackers who are blending the lone wolf with the state sponsored hacker are making the CIO’s job that much harder. CIOs need to stay on top of the systems that are being used by their IT department and they need to understand that hackers may seek to do more harm to their companies than just stealing data. The first step in keeping the company safe is for the CIO to remain aware of just exactly what threats they are facing.
– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™
Question For You: What is the best way for a CIO to protect their company’s communication systems from hackers?
Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!
What We’ll Be Talking About Next Time
One of the most challenging jobs that the person in the CIO position has to deal with is trying to recruit the best workers. In addition to the importance of information technology, there are a number of different things that can cause a young person just out of college to decide to either join your IT department or not, but one of the most obvious is what they think of your work environment. In the past, CIOs have added a number of “cool” things to the office such as pool tables or even craft beer dispensers. However, now the challenge for the person with the CIO job is to find a way to make sure that the outside world knows how cool their office is.