Technologists often try and explain complex security concepts to people without technical backgrounds. This is a flawed approach, according to Theresa Payton (CEO of Fortalice Solutions), at ChannelCon Online. We must change the way that we explain what’s going on, how we plan to fix it, as well as why customers should care. While cyber threats are increasing in complexity and volume, some businesses still don’t see the value or return on investment from security solutions. According to Theresa Payton (CEO of Fortalice Solutions) and co-founder of Dark3, it’s time for us to change how we sell and develop these solutions.
“My focus is human-centered design. Consider how hard SMBs work and take care of clients and customers. The decision to spend a dollar for cybersecurity products and solutions is not a decision to invest in R&D or improve customer service. Payton stated that it is important to always consider “how do I design for the person?” during a keynote session at ChannelCon Online 2021.
Too often technologists try to explain complex security solutions and processes to people without technical backgrounds. Payton stated that this is a flawed approach and we need to change how we explain what’s happening, how we plan to fix it, as well as why customers should care.
Payton shared some startling statistics to start a conversation with customers. These are eye-opening figures, statements that will get their attention, and can be used as conversation starters.
Every 11 seconds, ransomware strikes a business (Cybercrime Magazine).
94% of all malware is still transmitted via email (CSO).
You can easily and quickly find out if hackers have your password using free tools.
There are easy ways to determine if your organization is under cyber surveillance.
Hacking tools and kit to launch cyberattacks and identify theft, ransomware, and other attacks can be purchased starting at $1 (Cisco/Cybersecurity Ventures 2019 Cybersecurity Alnac).
Global ransomware damage will cost $20 billion this year. This is 57 times more than 2015. (Cybercrime Magazine)
She also advised customers to tell ransomware-paying customers that it is not a guarantee that you will get the keys to unlock your data or decrypt it.
She said that she has seen instances where businesses were paid by criminal syndicates. They may not provide all keys or the right key, or they could corrupt your data as the attack was poorly planned.
What to Look Out For in 2022
Payton stated that cybercriminal behavior is worse now than ever, partly due to the pandemic as well as other economic and government crises.
“But I am optimistic that we will figure out what is going on and put the hatches down. She said that there is a lot of information sharing between businesses, as well as between businesses and the FBI or DHS. “Information sharing is happening to the greater good. It’s going to assist us in accelerating the offensive and defensive controls we need to put into place.
Payton warned that cyberattacks could shift to new targets. Payton warned that cyberattacks could shift again to new targets. For example, extended-reality (XR applications) could be hacked and a financial institution could become a victim of a run or mini black Swan event due to a cyber incident. Artificial intelligence could also drive more misinformation campaigns, without human intervention.
Augmented reality platforms can gather your heart rate, breathing, and other data to create a digital footprint. She said that anyone could hack into the system and digitally, biometrically, [get through locked doors].” “In the meantime, cyber criminals will create chatbots on social networks and pretend that a bank is in trouble. This will raise concern and increase wait times for customer services. This will then affect our psyches and cause a mini-run on a bank. Banks are already looking at ways to combat misinformation campaigns.
Tech Companies Need Prescriptive Advice
What can MSPs do for small-business customers to be successful? Assume that clients will be victims at some point and get them to do the same. It’s not a question of when but if it will happen, so have a set or playbooks to help you manage the situation and minimize further damage.
“What if you are a victim to a misinformation campaign and someone says that your product is terrible? What is the playbook for someone who has been involved in a cyber-attack? She said that such playbooks can be created in business meetings with customers.
Second, you should start to implement micro-segmentation strategies using customer data. The lower the chance that all information can be grouped, the more segmentable you can be.