It’s expensive, but without a thoughtful investment the problem will grow

OK folks, we have a problem. It’s not a big problem; it’s a great big, giant problem. Although we invented the computer industry, we’re no longer the masters of it. It’s been developing for decades. We hardly manufacture any computers or components anymore; we’ve sold these operations overseas. We still develop some of the software, but much of that has gone overseas as well.

I guess it sounds reasonable to some, but have you noticed the number of hacker attacks from foreign soils? They’re increasing steadily with ever more dire consequences. When we make things, we learn a lot about them that is never apparent to buyers and users.

If you’re wondering who is safe anymore, it’s probably not you or your company. Yes, you can follow all the guidelines, hire consultants to implement them, and even if you’re successful, your suppliers and customers may not be. Who will you sell to, and how can you supply them?

We can have the most brilliant and useful products and/or services, high customer demand, glorious expectations for the future, and all of a sudden out of nowhere, a ransomware attack paralyzes us. But no one seems to know what to do.

When a large company gets hacked and valuable data is stolen, the chief information officer and a few top lieutenants get fired. If there’s enough of an outcry, the CEO gets fired too. We put in new people and hire cybersecurity “experts” to patch the holes and buy several years of identity theft protection for those whose identities were exposed because of our negligence. Then it’s business as usual until the next cyberattack …

The problem is nothing changes. We haven’t fixed anything. The new crew may not be any better than the previous one. The next hacker may not have any more difficulty than the previous one.

We haven’t just sold off and exported our manufacturing; we’ve sold our technology as well. And now it’s being used against us.

Computers and the internet have become our central nervous system, and we have yielded control to somebody else. Worst part of all is that we don’t even know who.

Many software programs were written decades ago, long before computer viruses and hackers showed up. Yes, they’ve been continuously upgraded, but cybersecurity is almost always an afterthought.

For example, when we buy a new computer, we usually buy virus, firewall, etc.

protection software separately. That’s like trying to make your house secure by adding a lock. It’s not going to turn your house into a vault.

Since hackers and cyberattacks have become so prevalent with exponentially increasing liabilities, software should be developed with the security embedded within it. Build it to be hacker-proof from the beginning. Then, we could actually have something that’s a real challenge to hackers.

If the entire system is built to withstand such attacks, we have a far more formidable defense. Oh yes, this would cost an awful lot of money, but how much are these ransomware and other attacks costing us now?

When I go to the bank, I can see the door to the vault. It’s obviously built to withstand thieves. They know they’re out there, and the security is built in. A local sub shop recently closed. They razed the building and built a bank on the site from scratch. They didn’t try to convert the sub shop into a secure bank. As a result of this kind of thinking, bank heists are rare, except maybe in the movies.

We can keep applying band-aids to this problem with ever more expensive and dire consequences, or we can decide to fix it. Both strategies are expensive, but one helps us develop real protection and keep our self-respect.

Who wants to be a CEO who goes hat in hand begging, “How many millions (or billions) do you want to free my system?”

Ronald J. Bourque, a consultant and speaker from Salem, has had engagements throughout the United States, Europe and Asia. He can be reached at 603-898-1871 or [email protected].