Friday, March 18, 2022

A tale of Caution

A few days ago, I found an interesting and dangerous situation that I would like to warn you about.

 A company I know well was under attack from a weakness on their web site.  It was a major intrusion that needed immediate attention.

 My issues started when I tried to contact anyone at the company to warn them about the problem.  

 I had to go through a “phone tree” for support. When I finally got a human to answer, and I explained the nature of the problem, and how it was time sensitive, the response I got was, "Thanks for the information. Someone will get back to you in a WEEK!  (the people who answered the phone were not IT support!)  

 What are your support staff trained to do when an issue is called in? Do you train them and test the process?  Think about the issues if this was ransomware!!  How long would support have waited to call level 2 support?  How much data would your company lose while waiting for a ticket to even get to the proper person ?

 TRAIN YOUR STAFF NOW so that they can handle and respond to risks quickly in an appropriate manner.  Don't become a victim!