Cybersecurity is a management issue, and the biggest risk comes from poorly trained employees, RENOMIA Client Service Director Michael Dubský agreed with other experts in a debate on the Lidovky.cz portal
Cyber security is no longer just a matter for the military or strategic companies. In the last year alone, tens of thousands of companies have encountered an attack on their corporate networks and data.
How should a normal company defend itself against such criminals? What should a small tradesman, the head of an architectural studio, or the CEO of a large corporation do? And since you will never achieve 100% protection against risks, does it make sense to insure yourself against blackmailers? Or is it easiest to have ransom funds ready?
Michael Dubský, Client Service Director of RENOMIA GROUP, Jan Dienstbier, Head of the Cyber Security Department and Technical Guarantor of the KYBEZ Platform, and Jiří Táborský, Spokesman of the Czech National Cyber and Information Security Agency (NÚKIB), sought answers to these questions and more in a debate held by the Lidovky.cz portal.
The most common recent attack is the so-called ransomware attack, where an attacker encrypts all data and completely stops the operation of the company or office. “In this way, blackmailers have been able to paralyze large multinational logistics companies, thousands of American cities, and recently stopped the Colonial Pipeline, which provides most of the fuel in the south-eastern United States,” recalled Michael Dubský. “Now put yourself in their shoes: the company is not meeting its obligations, there has been huge damage, including damage to third parties, so Colonial could have done nothing but pay millions of dollars to the blackmailers.”
However, authorities around the world, not just the FBI and the Czech NÚKIB, are warning against paying the ransom. “On the one hand, you are supporting criminal activity; on the other hand, you have no guarantee that the blackmailer will actually unblock your systems, or will not publish the data,” explained Táborský.
“As with any risk, prevention is the most important thing – and the biggest risk comes from within the company, through insufficiently trained or equipped employees,” Dubský recalled.
The biggest mistake, according to all the experts, is that many organizations treat the security of all data and its transmission as a task for the IT department alone. Although computer experts can solve the technical issues, the process and organizational parts – the crisis and business continuity plan – must be the responsibility of top management. In other words: IT workers cannot arrange for the training or testing of employees, and they cannot prepare a plan for the resumption of production or for external communication.
Cybersecurity is not a technical discipline. “It often happens today that a company or office is well protected, but an attacker attacks someone who provides you with services. In this way, hackers have infiltrated SolarWinds network products, reaching the United States government and many other institutions,” warned security expert Dienstbier.
“Within Central and Eastern Europe, there are very few companies with the position of risk managers who would specifically identify and evaluate these risks. There is even a belief in some companies that it is enough to have some insurance, and everything is solved, which is a terrible mistake,” warned Michael Dubský. “Insurance can reduce and mitigate damage, provide solution experts, help restore operations, and so on. But no insurance company will insure a poorly secured company that does not work with cyber risks,” concluded Dubský.