MIT Sloan Management Review Article on The Unaddressed Gap in Cybersecurity: Human Performance
- 5m
- Dean Hamilton, Scott Stallbaum, Stephen A. Wilson
- MIT Sloan Management Review
- 2020
High-reliability cybersecurity operations leverage human performance as a critical layer of defense.
An employee at Maersk, the world’s largest shipping conglomerate, saw computer screens suddenly turn black and irreversibly lock in late June 2017. A highly engineered malware worm exploited company computers in Ukraine lacking the latest Microsoft Windows security patches. With this small foothold, the worm breached the company’s IT system and blocked access to all computers and servers worldwide, ultimately halting shipping operations for several days. The incident cost Maersk over $200 million in lost revenue, caused unquantified costs in perished goods and recovery efforts, and created a slew of unhappy customers.
The Maersk story is not uncommon. In 2015, 80 million customer records were stolen from Anthem because an unsuspecting employee responded to a phishing email. In 2017, the United Kingdom’s National Health Service suffered a ransomware attack that resulted in 19,000 canceled appointments due to the use of, once again, an outdated, unpatched version of Microsoft Windows. In 2019, data on 106 million Capital One customers was stolen via a misconfigured Amazon Web Services firewall. And the list goes on.
About the Author
Stephen A. Wilson is cofounder and managing partner at consulting firm Wilson Perumal & Company (WP&C). Dean Hamilton (@hamildean) is chief technology officer and partner at WP&C, and Scott Stallbaum is a manager there.
In this Book
-
MIT Sloan Management Review Article on The Unaddressed Gap in Cybersecurity—Human Performance