US Companies Aren’t Preparing For Cyber Attacks

The years 2020 and 2021 to date have been very challenging for business. The Coronavirus pandemic and lockdown restrictions have been difficult and many organisations have also had to deal with threats from increasingly sophisticated cyber attacks. Unfortunately, the US  corporate sector don't appear willing to spend money on cyber security until they are attacked and, based on recent eventsthey aren't even ready for unsophisticated attacks. 

As cyber attackers demonstrate the ability to paralyse  industrial systems and key online networks supporting the critical infrastructure, this attitude is no longer workable.

Too often, business leaders seem to think that the cost of improving their firms’ cyber defenses is greater than the unknowable future financial pain of post-incident restoration. In the absence of specific, direct threats to their businesses’ information technology assets, the most attractive option is often to do as little as possible. Even some of the biggest companies in the world have been hit. In fact, even after numerous security warnings, a US pipeline came under attack.

US Colonial’s pipeline was shut down after a ransomware attack. Considering the company supplies refined oil products to meet about 45% of the consumption needs of the US East Coast, this was a major national event.

A survey of information security officers at nearly 400 companies by WSJ Pro Research. offers a revealing snapshot of the state of cybersecurity, what kinds of companies are unprepared and why. The results found that

  • A number of important industries are dangerously vulnerable to cyber attacks.
  • Small businesses are far less prepared than big ones.
  • Many companies aren’t even taking taking the basic steps to improve their readiness, leaving them exposed to breaches that can threaten their existence. 

When asked if companies and the federal government are prepared for nation-state cyber attacks, Jerry Bessette, head of Cyber Incident Response at consulting firm Booz Allen replied “absolutely not.”

Both the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) say that US  businesses need to strategically plan and reduce the increasing threat of cyber attacks and develop detailed data backup and recovery plans. 

President Biden and the US and Congress agree on the need to spend heavily to help the US economy emerge from the shadow of the COVID-19 pandemic. If the recent wave of high-profile ransomware attacks is any indication of things to come, then assigning at least some of the money allocated for COVID-19 relief towards private-sector cybersecurity would be a good investment. 

Businesses must recognise the importance of executive management engagement in cyber security policies. Boosting cyber resilience often depends on securing buy-in from business leaders and releasing the budget to enhance cyber security. Leaders must step up now and realise that cyber security is not optional - it’s essential.

MarketWatch:      WSJ:        Babble:     Law Society:      DefenseOne:       Channel Futures:      

You Might Also Read: 

Russia Wants A Deal With US On Cyber Security:

 

« How To Prevent Healthcare Data Breaches
How To Write Learning Objectives For Cyber Security Training »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

OpenSphere

OpenSphere

OpenSphere is an IT company providing security consultancy, information system risk management and security management services.

Cybertekpro

Cybertekpro

Cybertekpro is a specialist insurance broker providing Cyber Liability insurance and cyber risk assessment services.

Subex

Subex

Subex leverages its award-winning telecom analytics solutions in areas such as Revenue Assurance, Fraud Management, Asset Assurance and Partner Management, and IoT Security.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

Zerodium

Zerodium

Zerodium is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity research.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Private Machines

Private Machines

Private Machines develops unique patent-pending technology protects cloud and data center workloads.

Protected Media

Protected Media

Protected Media’s advanced cybersecurity ad fraud solution guards you against current and emerging threats across Connected TV, Display and Video advertising.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

SecureChain AI

SecureChain AI

SecureChain are combining blockchain and AI technology to create a smarter blockchain platform especially in terms of security.

D.med Software

D.med Software

D.med Software is a company with a focus on cybersecurity for embedded software and cloud applications for the medical industry.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

Foghorn Consulting

Foghorn Consulting

Foghorn can analyze your cloud to enhance performance and security, while reducing costs. Based on AWS’ 6 Pillars, our AWS WAFR Certified Engineers Will Identify Areas of Improvement.