Cyber Security discussed at the January Quarterly Luncheon
ohn Connell from Fortress Data Management discussed
The Cyber Attack: How I Learned to Stop Worrying and Love the Computer"
Ransomware... Phishing... Hacking... Insider threat
Why Do I Need a Cybersecurity Risk Assessment?
Every business which stores or process Personal Protected Information (PII) credit card (PCI) or medical (HIPAA) is required b y law to protect that information
With the ever increasing financial and personal liability risks associated with their information systems, a Cybersecurity Risk Assessment Audit is necessary to protect their citizens and their information assets.
Why NIST? The US Government created the
National Institute of Standards & Technology to protect critical information systems including the Department of Defense and Department of Homeland Security.
Why FORTRESS? Fortress's 25 years of IT information systems experience enables us to properly implement the NIST Cybersecurity Framework and their family of Polices and Controls to protect DOD contractors, governments and businesses who require the highest standard in information systems and data protection.
What Are the Threats? This YEAR...
LaPorte County Indiana
Government offices were
forced to pay $132,000 to hackers
plus over $45,000 in associated costs after a ransomware attack shut down part of the county's computer system.
Lake City Florida,
paid nearly $500,000
to get its data unlocked plus over $1.5 million in IT equipment and software upgrades after an attack on their police department.
Atlanta, Georgia -
Did not pay $51,000 ransom but
ended up costing the city over $17 million
to get the IT systems running again. Some of the data is lost forever.
Baltimore, Maryland - City refused to pay the $76,280 ransom and have
spent over $18 million so far in IT related costs.
What is the Solution? In every case,
inadequate or non-existing Cybersecurity Policies and Procedures were to blame. For example, had any of these municipalities followed the proper
NIST and Fortress designed data backup and recovery policies and procedures their data would have been recoverable without paying the ransom.
In some cases, the attack may have been prevented in the first place.
WHY AUDIT? The Private Sector needs an IT Risk Audit for the same reason they need a Financial Audit - TO PROVIDE INDEPENDENT ASSURANCE THAT THEIR ASSETS ARE PROPERLY MANAGED AND PROTECTED.
For more information contact John Connell (Fortress Data Management) 630-920-0153.