The Colonial cyberattack should scare you
By Kevin Benacci
Unless you've been living under a rock, you know the news has been dominated the past couple weeks by a major ransomware attack that crippled a critical fuel pipeline across a large swath of the United States. Though operations are now largely restored, the Colonial cyberattack triggered a glaring spotlight from our highest levels of government and millions of people affected by market fluctuations and long gas lines.
Wherever you work, if you serve in a leadership role, this was not a wakeup call. This was a jolting you out of bed to find your hot water heater has exploded, your power is out, and your cellphone has no service type of call. This was a crisis that could affect you — and closer to home than you may think.
So what does it all mean? A lot, if you open your eyes. Cybersecurity has gone from a nice-to-have to a need-to-have. Executives at companies, governments, hospitals, schools and entities of all shapes and sizes should immediately convene their teams to understand their cybersecurity posture. Ransomware attacks happen when hackers get into your systems, lock them up, steal your data and ultimately hold your company hostage — demanding you pay them if you want your company back. What would you do if hackers demanded $300,000 in cryptocurrency (or $5 million, in Colonial's case), with absolutely zero guarantee they'll honor their end of the deal?
If that situation scares you, it should. Here are a few things every executive, at every company, in every industry, should be asking themselves — today.
Do you know your cybersecurity posture? If you don't, your team better. But are they confident that your networks are secure? Do you mandate that your employees practice good cyber hygiene? If not, it may be time to get some training on the books. The digital transformation during COVID-19 has increased endpoints (phones, tablets, laptops) exponentially, which, in turn, increases their vulnerability to hackers. Unfortunately, it could just take one employee — working remote, juggling Zoom fatigue and their beautiful, screaming toddler — clicking one wrong link to infect your systems. Take honest stock of your current cybersecurity posture and make changes if you don't like what you find.
Do you have an incident response or business continuity plan? If you don't, get one now. If you do, when was the last time you exercised it? Plans are great to have — but they don't matter if you don't know how to execute them in a cyber crisis. Make sure the pieces are in place so you can continue operations. As the Colonial hack has laid bare, there may be significant, unforeseen effects of your decisions downstream.
Lastly, and maybe most importantly, how will you manage the crisis? In the immediate aftermath of an attack, you need an external communications strategy focused on transparency, accuracy and speed. It is critical that you communicate rapidly and regularly with your stakeholders, employees, investors, partners and the media. You can't do that if you haven't prepped. Get your senior leaders together for a tabletop crisis communications simulation to go through the specifics and make a plan for how you'll communicate, who needs to be at the table, and how you'll provide steady leadership through the crisis.
These actions will take time and investment, but you can start them — today. You don't want to be the next Colonial. But when ransomware hits your networks, your preparation, and investment in it, will pay off. Probably big time.
Benacci leads the cybersecurity practice at Targeted Victory. The native Clevelander previously served as the chief external affairs officer at the U.S. Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security.