Traffic is a good analogy when discussing cyber security incident preparedness and events. because we can imagine a wide range of severity (fender bender, 3 car pile up that blocks a major artery, snow event like Tuesday, earthquake that causes major damage to infrastructure, etc).
Your ability to effectively predict and respond to smaller incidents is a good indicator of your ability to do the same for larger events. Organizations can be crushed by paper cut deaths of small incidents which cause a loss of productivity and revenue in the same way that minor accidents cause major delays in travel time, delaying goods and causing economic damage.
Sometimes you can’t effectively “self-insure”, and depend on external parties (emergency services in a traffic world, incident response/security partners in a cyber security world) in case of severe incidents.
Worse is when you depend on external parties (like emergency services in a traffic world) and they fail you. Our healthcare systems, ambulance services, snow plowing and other services are woefully inadequate for even moderate issues in BC today, let alone major events. In that case, similar to how private organizations can’t count on police/government to address cyber criminals today – you’re forced to safeguard your business and lives. In cyber security this means we can’t rely on government and software developers and internet service providers to ensure a clean online environment, so we need to take proactive measures to protect ourselves. In the physical world it means we need plans for when the bridges are closed, we’re stuck on the side of the road for hours, or the hospital emergency is overwhelmed. Safety kits, good snow tires, proactive work on your immune system and ensuring good health if possible.
The lesson in all of this is we need to see the impact of these moderate events, and work to take proactive action. If we fail to do so, future events will cripple us and major events kill us – cyber security or physical world.
If you’d like to take proactive measures on your cyber security, and need help/guidance/implementation, Kobalt.io would love to help you out.