US Companies Aren’t Preparing For Cyber Attacks

Uploaded on 2021-06-30 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

The years 2020 and 2021 to date have been very challenging for business. The Coronavirus pandemic and lockdown restrictions have been difficult and many organisations have also had to deal with threats from increasingly sophisticated cyber attacks. Unfortunately, the US  corporate sector don't appear willing to spend money on cyber security until they are attacked and, based on recent eventsthey aren't even ready for unsophisticated attacks. 

As cyber attackers demonstrate the ability to paralyse  industrial systems and key online networks supporting the critical infrastructure, this attitude is no longer workable.

Too often, business leaders seem to think that the cost of improving their firms’ cyber defenses is greater than the unknowable future financial pain of post-incident restoration. In the absence of specific, direct threats to their businesses’ information technology assets, the most attractive option is often to do as little as possible. Even some of the biggest companies in the world have been hit. In fact, even after numerous security warnings, a US pipeline came under attack.

US Colonial’s pipeline was shut down after a ransomware attack. Considering the company supplies refined oil products to meet about 45% of the consumption needs of the US East Coast, this was a major national event.

A survey of information security officers at nearly 400 companies by WSJ Pro Research. offers a revealing snapshot of the state of cybersecurity, what kinds of companies are unprepared and why. The results found that

  • A number of important industries are dangerously vulnerable to cyber attacks.
  • Small businesses are far less prepared than big ones.
  • Many companies aren’t even taking taking the basic steps to improve their readiness, leaving them exposed to breaches that can threaten their existence. 

When asked if companies and the federal government are prepared for nation-state cyber attacks, Jerry Bessette, head of Cyber Incident Response at consulting firm Booz Allen replied “absolutely not.”

Both the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) say that US  businesses need to strategically plan and reduce the increasing threat of cyber attacks and develop detailed data backup and recovery plans. 

President Biden and the US and Congress agree on the need to spend heavily to help the US economy emerge from the shadow of the COVID-19 pandemic. If the recent wave of high-profile ransomware attacks is any indication of things to come, then assigning at least some of the money allocated for COVID-19 relief towards private-sector cybersecurity would be a good investment. 

Businesses must recognise the importance of executive management engagement in cyber security policies. Boosting cyber resilience often depends on securing buy-in from business leaders and releasing the budget to enhance cyber security. Leaders must step up now and realise that cyber security is not optional - it’s essential.

MarketWatch:      WSJ:        Babble:     Law Society:      DefenseOne:       Channel Futures:      

You Might Also Read: 

Russia Wants A Deal With US On Cyber Security:

 

« How To Prevent Healthcare Data Breaches
How To Write Learning Objectives For Cyber Security Training »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CERT-IS

CERT-IS

CERT-IS is the national Computer Emergency Response Team for Iceland.

LRQA

LRQA

LRQA is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

Multitel

Multitel

Multitel is an independent research centre. We develop and integrate emerging technologies into the industrial fabric at the regional and international levels.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling and Data Destruction protect the environment and your data with proven and trusted electronics recycling and data destruction services.

EMnify

EMnify

EMnify is a Software-as-a-Service (SaaS) company, revolutionizing cellular Internet of Things (IoT).

Bradley-Morris

Bradley-Morris

Bradley-Morris is a leading recruiting firm specializing in transitioning military and veteran talent into civilian careers including Cybersecurity.

Kasada

Kasada

Kasada has developed a radical approach to defeating automated cyberthreats based on its unmatched understanding of the human minds behind them.

HB-Technologies

HB-Technologies

HB-Technologies is pioneer in Africa, in digital security, embedded electronic and IT solutions based on highly secure smart cards that comply with international standards and norms.

Eventus Security

Eventus Security

Eventus, are a team of highly skilled professionals who are committed to deliver excellence in next generation cyber security services and customized solutions for your enterprise.

HWG Sababa

HWG Sababa

HWG Sababa is a cybersecurity provider that offers a comprehensive suite of strategic managed security solutions, services, and consultancy.

EPIQ Infotech

EPIQ Infotech

EPIQ Infotech is a trusted consulting and implementation partner for Oracle JD Edwards and Amazon Web Services (AWS).

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

Diversified Technical Services Inc. (DTSI)

Diversified Technical Services Inc. (DTSI)

DTSI provides a wide range of technology solutions for Federal Agencies, the Department of Defense, and commerical organizations with capabilities including Cyber Security and DevSecOps.

NetDescribe

NetDescribe

NetDescribe, part of Xantaro Group, advises and supports companies in building secure and stable IT environments.