Listen to CyberNB's David Whelbourn discuss how organizations can start managing their security programs.
In January it was revealed that there were two baked-in flaws in the microprocessors used by billions of devices globally, from laptops to servers and mobile devices. The security flaws caused consternation and a flurry of activity around the world as organizations struggled to apply software patches to the flaws to Windows, Linux and MacOS.
But software patches can't fix hardware design flaws, they can only attempt to minimize the risk with a costly performance trade-off in some cases.
And the lesson from Meltdown and Spectre isn't just about the importance of patching. It's that technology alone isn't the cause - or the solution to - cyber risk.
All too often in cybersecurity the story that is often told focuses mainly about how people are the weakest link.
But there is far more to the story than that. The full story is that your team, if properly educated, empowered and engaged, are the single most effective means at spotting and thwarting the most common and effective cyber attacks.
Throughout history unanticipated decisions by human beings has yielded unexpected consequences.
Despite the lessons of history, the same decisions and unexpected consequences unveil themselves on a daily basis via the news and social media as the unforeseen impacts of cybercrime. We have all heard and read the cybercrime narratives. The question is why, and, what should be done about it.
For Bankrupted Morehead Hospital, a successful cyber attack could not have come at a worse time. Two weeks after declaring bankruptcy, Morehead now owes up to $1.5 million for HIPAA violations.
It isn't just bad when you're dealing with a bankruptcy, for small and medium size organizations a cyber attack can tip your organization into financial distress.