Anybody can learn what this means. Even if they are employed or not by an organization.
But those employed should have known as soon as they have become susceptible to incidents, or from external and foreign actors, cyber attacks.
Those from outside of the organization, who can realized, as soon as they see or visited, say a website, would tell themselves, this is about to unfold trouble, big time.
The word big time is that privacy regulators in many jurisdictions have become very active in their campaign asking, no they are requiring, organizations to protect their systems most especially if it contains personal and sensitive data.
And when they failed, there is that penalty. But what organizations must consider on top of everything is its reputation to uphold and protect privacy of systems (production wise) and the data that contains in it.
When IT/OT have become vulnerable, it would show that these devices or systems are lacking with the following:
- No functioning SSL/TLS for websites, browsers would prompt anyone when they do.
- No firewall configured and good enough to regulate and filter traffic and if there is one, it's just there instead of doing the firewall job, it is routing packets wherever they are headed.
- No dependable technology leader who can be readily assess and make corrections to issues being encountered. When this happens, even if the problem is right in front of the organization's face, such problems will be allowed to linger. Until that time, you know, when it's broken by a final episode and the media.
- If the above, preceding bullet, is absent, a quality DNS is most likely non-existent, too. It's the original sin in technology being made perennial by organizations. It's due to their inability to properly vet and engage an authoritative resource to help them. In the face of unforgiving environment which is the cyberspace, every issue can be immediately addressed and fixed, either temporarily (to thwart potential incidents) or permanently, at least until the next major or final solution is published.
Add yours in the comment below.
Comments