Cartika Blog

CFO with Cyber Security Concerns

Cyber Security concerns? Having issues getting or renewing Cyber Security Insurance? Are you facing escalating Cyber Security Insurance Costs? 

Here is whats happened, and how to address it.

Obviously the world has been dealing with hackers since the day the internet was invented. However, in 2017, when the NSA tool kits were released to the world, we all lost our innocence - conducting business has never been the same and the Cyber Security business officially became a critical element - a requirement - for every business to incorporate into their daily operations, their business and their IT processes.

Ransomware became a very real daily threat. Breaches and loss of data became a routine reality, and no company, regardless of size or capability, was immune. Headline reports flowed daily of yet another breach, loss of massive amounts of personal data and soaring ransom (aka extortion) demands from hackers to decrypt users and companies data.

Countries and Geographies all over the world began implementing Personal Data Protection laws, ever increasing their requirements and penalties associated with non-compliance and breaches. PIPEDA in Canada, GDPR in Europe and various states in the US such as California with their CCP Act. More sensitive data associated with children under COPPA, and personal health data under HIPAA in the US and PHIPA in Canada became even more tightly regulated with even more stringent requirements and associated penalties.

Fast forward to COVID and the proliferation of mobile work forces - and the problem absolutely exploded. Companies began opening their networks and systems to remote staff so that some semblance of normal business activity could continue. More employees used their own computers and devices from home, or kids began using Mom or Dad’s work computer to play games. Companies already devastated by COVID lock downs, were now facing massive and serious cyber attacks - costing them even more time, effort, money and productivity.

Business owners and C level executives are now facing unique challenges even acquiring Cyber insurance. Underwriters are becoming more stringent with their requirements and costs are soaring as their losses have annually mounted. Small Business and Mid-Market IT departments are often understaffed and lack adequate budgets, resources and in-house experience to adequately tackle the problem.

Simply "moving to the cloud" is not enough. A pure IaaS solution will mostly just port your problems from your server room to the cloud. An end to end IT cyber security plan will be required moving forward to sustain and scale your business operations, as well as, secure cyber insurance policies and avoid hefty government non-compliance fines and penalties.

From managed devices, SD-WAN connections and VPN tunnels for remote users, End Point Security, Backups, Snapshots, Firewalls, Operating Systems and Stacks, Disaster Recovery Strategies, Logging and Analytics and so much more - must go into your IT strategy moving forward in order to maintain compliance and operations, let alone avoid hefty fines and secure the cyber insurance businesses require to operate.

Firstly, you can never avoid all risk. You must however reduce the probability of incidence and reduce the impact of incidence. This must be an ongoing plan and strategy, that is perpetually evolving and adapting. When disaster does strike, you must be able to recover in a timely manner and without being forced to pay ransom. If you are concerned about your capabilities to meet these objectives, you must start to build your roadmap towards this end goal. Whether you choose to reach out to Cartika for assistance or not (which I personally hope you do), this is the path you must take your business, and these are the goals you must achieve.

Related posts

  • Apr 24, 2017, 12:00 AM

    Augmenting Internal IT CartikaIs fear of losing control holding you back from realizing the many benefits of an external Managed Services Provider (MSP)? Some IT managers oppose outside help fearing it will somehow weaken their position. But in practice, augmenting internal IT teams with missing skills and resources has the opposite effect, providing better results and increasing the value of the IT function to the organization. Particularly when it comes to infrastructure and supporting non-standard applications.

  • Apr 8, 2016, 12:00 AM

    Andrew Rouchotas Cartika CEOThis post was originally published by Tamar Weinberg in March 2016 in The article name is Cartika is Your Application Service Provider on an IaaS environment Tamar: I love hearing stories of people who realized they preferred working for themselves, and even going on soul-searching trips to find where to go from here. I also love companies in the hosting space that are especially innovative, who aren't selling the standard shared+reseller+VPS+dedicated hosting packages but who find ways to clearly be differentiating businesses. That's why it was awesome to sit down with Andrew Rouchotas of Cartika who told us all about his journey.

  • Jan 26, 2017, 12:00 AM

    Outsourcing IT and Managed ServicesKeeping up with the complexities and costs of information technology is no easy task and especially true for SMBs. To solve this challenge, many now leverage the cloud for their infrastructure needs. But, as valuable as the cloud can be, IT environments must still be deployed, optimized, monitored, managed, and secured. This is why outsourcing IT managed services in addition to infrastructure has become increasingly attractive.

  • Mar 8, 2017, 12:00 AM

    managed services partnerIt’s very common in the IT space to resell the services of others. We won’t go into all the reasons why, but in general, reselling helps broaden and complement existing services, provides a revenue opportunity, and has a strategic benefit. Although we are focusing on the process of selecting a managed services partner in this article, many of the concepts apply to working with any partner.

  • Mar 15, 2019, 12:00 AM

    Since its beginnings in 1999, Cartika has offered platforms, infrastructure, and software as a service as a trusted partner to its clients. Now in 2018, we are becoming ever moreaware of the importance of keeping personal data safe. In Canada, Cartika has upheld the requirements as laid out in PIPEDA since it’s passing into effect in 2004. PIPEDA recognizes not only the importance of protecting your personal data, but also the need of organizations such as Cartika to responsibly collect and disclose this information.