I still remember the day I sat down with a client; they had just been “almost hacked” and suddenly they cared about cybersecurity! I could do a whole post on the vast chasm of regard for secure computing from CEOs of companies that have been hacked and those that haven’t been yet… but I digress. I had prepared a report, a list of appropriate recommendations and changes. Some cost money, and others were configuration changes and best practices.

As I laid it all out, what it would take to address the issues and level up, I could see the older half of this father-son, CEO-President team start to lose interest. I’d like to say they trusted me fully, but these guys were very cognizant of running their operations for a tidy profit, and verrrry leery of any vendor that might possibly be turning a profit off of them. I quickly finished up to let it sink in and see what they wanted to do. The father took the opportunity to speak up first: “Isn’t there one thing we can buy that will solve these issues?”

And that IS the one thing… that there is no one thing! You probably saw that coming. Now about that Colonial Pipeline ransomware hack. I always go past the headline news for the deeper stories on these things. The mainstream media is at the level of reporting on these things that my 2-year-old daughter was when I lit a pan of oil on fire… “Daddy, dat happened!” Yes, it sure did, honey. So I look for the industry analysis, to find out what was the thing, the one thing that big professional pipeline company was missing that allowed a hacker in. Unfortunately, no one wants to talk about that, so we won’t soon know.

The fascinating part of what we do know is this “DarkSide” organization, the Uber of ransomware, or maybe Airbnb, or whatever better high concept escapes me right now. Not only do they offer a revenue share service for the busy hacker-on-the-go who just doesn’t have time to extort money from his targets, they also have a conscience! By now you have read they sincerely apologized for the disruption of critical services, vowed to avoid such missteps in the future, have totally deleted all copies of that stolen data in exchange for $4.4M worth of Bitcoin, donated to charity, and then promptly shut down. If you can’t trust millionaire criminals, who can you trust these days? Maybe that works on somebody else, I don’t know. But not here: criminals are criminals, and violating trust is job #1.

Now we are at the 5th paragraph and I haven’t given you one thing yet! So here is the thing: it doesn’t matter how Colonial Pipeline was hacked. And we should be empathetic, as it could always be us tomorrow. Pride cometh before the fall, as they say. What I have learned over the years is that IT and Security staff, we DO have to deliver that one thing. The one thing needs to be a standard, with an audit, a plan, and an outcome. We need to address the unseen or ignored, the exceptions and the loose ends. It needs to cover the basics as well as the advanced stuff. All our collective and latest knowledge must be put into action. I stopped selling solutions and “things” long ago.

At Rx-IT, when we realized the cloud was the open front door to most of our clients, we put all our best practices into a standard, to apply to our customers, with their input. It’s one thing, but it’s a lot of things. Whether the big hack news brings your IT people to you, or you call them in, when they bring the “one thing” that you need, just make sure it’s not really one thing. If they are pitching a product or a point solution, send them back to try again. We need to use our brains on this stuff.