How much does a shutdown of operations cost? Who is responsible?
The latest shutdown at Swedbank and Nordea internet bank was to not driven by terror or by money. It was only because they can. It was for the fun of it. The 10,000 USD, set as ransom, was just a chance to explain to the world that this was not technical issue. It was man-made. It was a gesture closer to activism. When our minds wrap around the consequences of shut down in todays connected society it gets quite interesting and honestly out right terrifying. Add the fact that the usual suspects such as robbers or religiously driven terrorists are now multiplied by tech savvy cultural or political activists and bored youngsters we have little insights to monitor new threats How protected are we? What measures are taken by government and large corporations to really understand threats? Is the legislation up to date? Is it preoccupied by individual rights of information? Are the questions we are asking ourselves in the organizations really up to speed with what is happening in the cyber threat community? Is this the CIO responsibility and are we safe just because we have hired a few cybersec experts that monitor the firewall and make sure our virus definition files are up to date?
I believe this is a highly underdeveloped area. I believe we are all slightly naive here. If I was the CEO or CIO of a bank or an information critical line of business I would put this extremely high on my monthly agenda. I would make sure there is a very clear understanding that this is not just a matter of technology. This is a matter of processes, organization and mandate. When it hits the fan, should we call the police? Who will call the police? This is about culture as well as behaviour and attitudes. Most of all it is about awareness and preparation. Don’t rely on individuals and send a few to training. Make sure you regard this as cross functional and prepare accordingly. What is this worth to you?
About the Author: Ludvig Millfors, email@example.com is Managing Partner for the Strategic IT business unit at Centigo. Ludvig and his colleagues passionately offer advisory services as well as implementation assignments to CIOs and business leaders. We excel in how to transform information technology’s value and impact to business. Centigo Strategic IT values being the most business oriented consultancy for the CIO scope.