- Cyber is real. Southwest Airlines was on WMUR this morning for a stand-down related to a computer glitch. Even if not malicious, a “computer glitch” caused the temporary shutdown of Southwest Air! What would it take for an attacker to create such a “glitch”?
- During the Gartner event two weeks ago, I sat through a talk on HIPAA --our private information in medical records. An analyst told us that out of 60 sampled healthcare providers, 59 had HIPAA computer related privacy violations!
- Systemic risks against our banking/financial environments are VERY real. With Managed Service Providers handling the IT for smaller banks using standard images, common gateways, and shared virtual servers, even one small targeted event has the ability to affect thousands of banks --all at one time.
- Attacks targeting less sophisticated companies in the supply chain are being targeted for access to critical components. Heck, we did it during WWII. Remember bombing ball bearing companies? We did this to keep our adversary from building new airplanes. I pass a ball bearing company in NH at least once a week. They produce miniature and precision ball bearings, and are owned by a larger ball bearing company in California. The company boasts 1400 employees, but I can’t find a CISO in their website. I’m hoping he’s just shy.
- HHS last week issued a report saying that 60% of small businesses that suffer a cyber event will be out of business in six months. Why? These companies will have no idea what hit them. Nor will will they know how to respond.