Hi! I am Nick Gipson, the Director of Cyber Operations here at Pareto Cyber. This is Part 1 of my 10-part series on “10 Things I Hate About Cybersecurity: A Love Story” where I dissect the problems within this industry and my personal encounters with them.
How can we protect your IT infrastructure if we don’t know what we’re protecting?
You might think that when people hire external cybersecurity experts like our team at Pareto Cyber, they trust us to do a good job. Yet, for whatever reason… that’s not always the case.
Sometimes, a new client will hesitate to trust us. Every so often, they may refuse to hand over the keys we need to access their systems. Other times they don’t provide us with an accurate description of the cyber threats they’ve been encountering. And, occasionally, they just won’t listen to our advice.
Why Trust Matters
When one of our clients hired us, they were already using an Endpoint Detection and Response (EDR) tool. While we usually encourage our clients to preserve their existing tech stack and improve their cyber maturity in other ways, this particular tool was not serving this client’s goals.
We advised them to switch out that pre-existing software to another alternative. This new tool would have cost them significantly less and cover additional use cases more aligned with their needs.
But this client did not agree with our recommendation. Instead of switching to the new tool, they kept their existing EDR solution.
A few months later, they paid the price.
A piece of ransomware activated and locked up a large part of their assets. The company ended up paying thousands of dollars to the cyber attackers to regain access.
The real kicker? That malware had actually infiltrated their systems 5 years ago. Yet, their EDR solution not only failed to prevent the breach, it didn’t detect those compromised files for that entire time!
Of course, there are no guarantees in cybersecurity. But in this case, we are confident that had the client agreed with our recommendation, they would have been a lot more likely to detect that ransomware and eliminate it before they got attacked.
What Can We Do?
So, why does this happen?
There are many potential factors causing clients to hesitate, but I do think there’s a simple explanation for many of these situations.
Technical people can often get irrationally attached to their tools. Because they are so comfortable with the tools that they’ve been using, changing them is frustrating and scary.
So, when we come in with our recommendations, these team members can get hung up on defending their decisions and refuse to implement any changes, even when those changes could help their organization.
To prevent this type of situation from occurring again, I try to alleviate this discomfort.
All new clients that sign on with Pareto Cyber now get training on using new tools. I walk them through the functionality, any differences from their previous software, and answer any questions they might have.
Hopefully, with some guidance, trusting us won’t feel so scary anymore.