Merry Christmas Everyone.
Sitting here cooking Christmas dinner and watching the oven timer click down gives me time to catch up on some reading that I’ve been putting off, so it’s good to have a little down time to do what I want as I “cook the bird”.
This article provides a nice overview of the “Cyber Risks” that impacted many people throughout 2024. From cancelled medical procedures to cancelled Delta Airlines flights, to ambulance rerouting and the monthly postal notifications of another data breach affecting my PII. 2024 is definitely “different” from 1992, before the Internet was open for commercial use.
The Crowdstrike incident provided proof that “Cyber Resilience” and “Cyber Risk Management” is not just about stopping bad guys, it’s about ensuring that the cyber ecosystem you depend on is resilient to disruptions, all types of disruptions!
The Change Healthcare incident showed that Cyber Incidents can affect a large number of people and the most foundational parts of our economy. Cyber risk is business risk, but as this incident showed, cyber risk is also societal risk when central entities are impacted by a cyber incident.
People are wondering what the new administration will do to cybersecurity regulations and critical infrastructure operations. I can say, with confidence, based on my research, that the new administration will continue to treat cybersecurity as a high priority as it seeks to cut wasteful government spending on programs that fail to achieve effective results that benefit all Americans.
Â