2. The “IT person” you hired may be great at networking, but are they great at cybersecurity? IT as a function has grown a lot of different disciplines – so saying “we’ll hire an IT person to handle it” sounds about as silly as building a hospital and saying “we’ll hire a doctor.” 3. Cybercrime is exponential not incremental. This is where most long-time business leaders have trouble computing the reality of today’s world. We often think of crime as linear: one person can break into one thing at a time. Cybercrime is exponential: one person can break into thousands of places at one time, drain all their data or funds, and have it all routed to places you cannot find within milliseconds. “When your people click the wrong link, or wire money to what looks like a perfectly legitimate bank account, your asset becomes your liability.” 4. The greatest threat is your greatest asset – your people. We all know people make the difference. Finding and keeping good employees is a strategic advantage – but few if any AEC companies are asking questions during interviews to uncover if a candidate has any type of security mindset. When your people click the wrong link, or wire money to what looks like a perfectly legitimate bank account, your asset becomes your liability. Remember – people do not become more secure just because they come to work. 5. The price to secure your business is based on expertise, not your budget. Addressing the threat is all about mindset and accepting that you can no longer view IT and cybersecurity as an expense to be controlled and diminished over time. Smart firms will accept that this will be a long-term investment that will grow each year and be designed to protect strategic assets. Is your head spinning yet? You are not alone. Nobody wants running a business to be this way. It is digital Darwinism at its finest and it is something you will have to address with a plan. How will you start? Perhaps the best place to start is with a conversation. Edafio Technologies will be facilitating an educational breakout session at Zweig Group’s ElevateAEC Conference called “Naked and Afraid: That point when you realize your business really is a target for cybercrime.” This is a session designed to equip AEC business leaders with the start of a cybersecurity playbook you can build-out for your own business. We hope you will join us, because now is the time to make sure you are not one of the epitaphs we read in 2032. Mark Hodges is chief growth officer at Edafio Technology Partners. Contact him at firstname.lastname@example.org.
MARK HODGES, from page 9
a heat shield from cybercrime. Some firms went out of business early (2022-2024) because they were introduced to ransomware. They were locked out of all their files, and in some cases, client files were posted on the dark web (violating their nondisclosure agreements with their clients – who subsequently sued). For the early departures, the deaths were quick and painful. For those who were able to get some form of their files back, there was always the threat of the ransomware exploding again. (Incidentally, if you read the substance of No. 1 and are not quite sure what we’re talking about, you are at risk of being one of those early departures.) 2. Data is oil and has value. Those who went out of business over that 10-year period had another common misperception – they did not understand the value of data. As early as 2004, data was becoming the new “oil” of the economy. It had inherent value and increased in value the more it was refined. It became a bargaining chip of sorts. For the cyber criminals who were able to get into a firm’s systems, they were able to hold all the cards. They either took the data hostage, or in some cases they committed industrial theft and shared designs and intellectual property. Over time, some firms realized that they had been compromised for years with bad actors sifting through files and stealing valuable client data. Some cybercriminals even made money selling one firm’s designs and intellectual property to competing firms. 3. Underspending helped many firms save their way to the ash heap of history. Business leaders often get angry about any sort of IT spend. We are not sure why, but 2020-2022 were interesting years. Those were the years when business leaders gravitated toward a mindset borne from a false premise: If I can buy technology at BestBuy or Sam’s or Costco, why should I pay so much to have someone manage it? Looking back 10 years at 2022 and the years in-between, we have learned that saving money on hardware or software packages does nothing to develop strategy. It was during those years when most were happy if IT just worked. What they didn’t see is what eventually killed them. WELCOME BACK. Now, let’s travel back to present-day. What do you do? The stars are aligned for a lot of good AEC firms to go out of business in the next 10 years all because of an erroneous mindset. Will you do anything differently? Here is what you face in one quick list: 1. If you can afford your cybersecurity policy renewal this year, you will not be able to afford it next year (and it won’t be worth the money – your coverage will drop to a paltry amount). With that backstop gone, how will you operate? “The stars are aligned for a lot of good AEC firms to go out of business in the next 10 years all because of an erroneous mindset. Will you do anything differently?”
© Copyright 2022. Zweig Group. All rights reserved.
THE ZWEIG LETTER SEPTEMBER 12, 2022, ISSUE 1456
Made with FlippingBook Annual report