In line with the current climate of security breaches and our increased level of security offerings (multi-level and security stack) for our clients, we chatted with our Waytek CEO, Brian McDonnell about his direct experience with clients and security breaches.
Brian, have you had experience with clients, who did not opt for enhanced security and had a catastrophic event as a result?
Yes, unfortunately there is a misconception that having just one or two layers of security is enough, and we have experienced this pushback from some clients. It’s kind of like saying that I have great security for all my doors, but my windows are unlocked. One client refused to add multi factor authentication (MFA) to their email, and as a result, their employee’s email was hacked and the hacker stole over $300,000 from their largest client.
Can you give an example of a client’s situation resulting from this event? What caused it? How did you help resolve the issue? How costly was it for the client?
Referring to the event above, the employee’s email was hacked and the hacker created a rule to have email from the company’s largest client diverted into an Outlook folder that the user never accessed. Then over the course of a week or two, the hacker communicated with the client, created a trust in their back and forth emails, and convinced the client that their bank information needed to be adjusted. From this point on, until it was discovered, the client made payments to a bonus bank account and the company never received the $300,000 that was due to them.
How is it cost-effective to implement layered security or security stack?
I think this example should be proof enough, but the benefits of having a multi-layered approach to security far outweigh the risks of a breach that can cost large sums of money, threaten goodwill from clients, shut down the business for weeks (in the case of a ransomware attack) and generally create unnecessary stress.
Thanks for your input, Brian, and bringing some clarity to a complicated issue.
