Bloomberg and other news outlets have reported that Colonial Pipeline paid hackers nearly $5M in ransom, in the wake of the recent ransomware attack on pipeline operations.
The magnitude of loss perceived by Colonial Pipeline obviously exceeds the $5M paid if we add up loss of revenue as well as all the expenses involved in reaching Colonial’s recovery point objectives (RPO).
In light of this attack and others, industrial operators need to ask themselves:
- How can we quantify our risk?
- What is the investment needed to reduce our risk?
- Is our current risk under or over our tolerable risk?
In paying the ransom, Colonial Pipeline has signaled to cybercriminals what its tolerable risk is for a single event.
I call upon companies in all sectors to initiate a process of DATA-DRIVEN risk analysis, establish security assurance levels and tolerable risk, and prioritize their investment in risk mitigation according to their tolerable risk.
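As an added illustration of what "data-driven" means for the three questions above (this is example code written for this article, not the Radiflow CIARA platform or its method), the following script uses the textbook annualized loss expectancy (ALE) model: each scenario has a single loss expectancy (ransom plus outage plus recovery cost) and an annualized rate of occurrence, each mitigation scales likelihood and/or impact, and a stated tolerable ALE per scenario is the threshold. All dollar figures, scenario names and mitigation effects are constructed for the example.

```python
# Added example (not from the original post and not Radiflow's CIARA method):
# a small ALE model that answers the post's three questions with numbers.
# Every figure below is constructed for illustration.
from dataclasses import dataclass


@dataclass(frozen=True)
class Scenario:
    """Loss scenario: SLE in dollars per event, ARO in expected events per year."""
    name: str
    sle: float
    aro: float

    @property
    def ale(self) -> float:
        # Annualized loss expectancy: average yearly cost of this scenario.
        return self.sle * self.aro


@dataclass(frozen=True)
class Mitigation:
    """A control that scales a scenario's likelihood (aro_factor) and/or
    impact (sle_factor); a factor of 1.0 leaves that term unchanged."""
    name: str
    scenario: str
    annual_cost: float
    aro_factor: float
    sle_factor: float


def residual_ale(s: Scenario, m: Mitigation) -> float:
    return s.sle * m.sle_factor * s.aro * m.aro_factor


def risk_reduction(s: Scenario, m: Mitigation) -> float:
    return s.ale - residual_ale(s, m)


# Constructed inputs: a ransomware event that reaches OT (ransom + outage +
# recovery) and a lower-impact credential-theft scenario.
SCENARIOS = [
    Scenario("ransomware-spreading-to-ot", sle=16_000_000, aro=0.125),
    Scenario("phishing-credential-theft", sle=500_000, aro=1.0),
]
MITIGATIONS = [
    Mitigation("offline-immutable-backups", "ransomware-spreading-to-ot", 200_000, 1.0, 0.25),
    Mitigation("it-ot-segmentation", "ransomware-spreading-to-ot", 400_000, 0.5, 0.5),
    Mitigation("mfa-for-remote-access", "phishing-credential-theft", 40_000, 0.25, 1.0),
]
TOLERABLE_ALE = 1_000_000  # assumed tolerable risk per scenario per year


def above_tolerance(scenarios, tolerable_ale):
    """Which quantified scenarios currently exceed tolerable risk?"""
    return [s.name for s in scenarios if s.ale > tolerable_ale]


def prioritize(scenarios, mitigations):
    """Rank mitigations by ALE reduction per dollar of annual cost."""
    by_name = {s.name: s for s in scenarios}
    ranked = []
    for m in mitigations:
        reduction = risk_reduction(by_name[m.scenario], m)
        ranked.append((m.name, reduction, reduction / m.annual_cost))
    ranked.sort(key=lambda r: r[2], reverse=True)
    return ranked


def investment_to_tolerable(scenarios, mitigations, tolerable_ale):
    """For each scenario above tolerance, greedily add the most cost-effective
    mitigations until residual ALE is within tolerance. Factors of stacked
    mitigations combine multiplicatively (an assumption of this model)."""
    plan = {}
    for s in scenarios:
        if s.ale <= tolerable_ale:
            continue
        applicable = sorted(
            (m for m in mitigations if m.scenario == s.name),
            key=lambda m: risk_reduction(s, m) / m.annual_cost,
            reverse=True,
        )
        chosen, cost, aro, sle = [], 0.0, s.aro, s.sle
        for m in applicable:
            if sle * aro <= tolerable_ale:
                break
            chosen.append(m.name)
            cost += m.annual_cost
            aro *= m.aro_factor
            sle *= m.sle_factor
        plan[s.name] = {
            "mitigations": chosen,
            "annual_cost": cost,
            "residual_ale": sle * aro,
            "within_tolerance": sle * aro <= tolerable_ale,
        }
    return plan


if __name__ == "__main__":
    print("above tolerance:", above_tolerance(SCENARIOS, TOLERABLE_ALE))
    for name, reduction, per_dollar in prioritize(SCENARIOS, MITIGATIONS):
        print(f"{name:28s} cuts ALE by ${reduction:,.0f} (${per_dollar:.2f} per $1)")
    print(investment_to_tolerable(SCENARIOS, MITIGATIONS, TOLERABLE_ALE))
```

With these constructed figures the ransomware scenario (ALE $2M) is the only one above the $1M tolerance, the MFA control ranks first on reduction per dollar even though it addresses a smaller scenario, and a $200K/year backup investment is enough to bring the ransomware scenario inside tolerance. The point of the exercise is the shape of the decision, not the numbers: the inputs (SLE, ARO, control effectiveness) must come from the operator's own incident, asset and detection data, and the greedy plan is a first cut that a practitioner would revisit as those estimates improve.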
Learn more about the Radiflow CIARA platform for continuous risk assessment monitoring in OT/ICS environments.