Episode 85: Below the Headlines: The Real Details of a Cyberattack Every executive has been warned about cyberattacks. Few are prepared for the stress that occurs when a hacker encrypts their data and their insurance company tells them they won’t pay. This week Vanessa talks cybersecurity with Mark Sangster, vice president of industry security strategies at eSentire and the author of “No Safe Harbor: The Inside Truth About Cybercrime and How to Protect Your Business.” Their conversation focuses on the emotional impact of being hit with a ransomware attack and the importance of looking at the root causes of cyberbreaches rather than just the symptoms. In this episode, you will learn: • What it feels like to be the victim of a ransomware attack. • How executives err in assuming that negotiating with a hacker will be coolly transactional. • The legal department’s role in cybersecurity. • Why companies should report cyberbreaches even if they aren’t required to by law. • How company postmortems about cyberbreaches are frequently distorted by biases, such as time bias and hindsight bias. In addition, Mark recalls the early days of his career working on encryption technology with the U.S. government, when reading an encrypted email meant clicking on it then going to get coffee and hoping it was open when you came back. Disaster Recovery Journal: • Register for DRJ’s weekly (Wednesday) webinar series at https://drj.com/webinars/up-coming/ • Register for DRJ Spring 2022: Resiliency Transformed at http://www.drj.com/spring2022 Asfalis Advisors: • https://www.asfalisadvisors.com • Apply to be a guest on the podcast: https://www.asfalisadvisors.com/decoded/ • Download the 5 Step Crisis Strategy: https://www.asfalisadvisors.com/services/ Connect with the podcast! • Please take part in our podcast listener survey at: https://forms.gle/XDuYPcFjXaydkEXV6 • Email us at podcast@drj.com • Podcast Website: https://drj.com/decoded/ • Twitter: https://twitter.com/BRDecoded • LinkedIn: https://www.linkedin.com/showcase/business-resilience-decoded/ Mark Sangster, guest Mark Sangster is vice president of industry security strategies at eSentire, a computer and network security firm in Toronto. He is also the author of “No Safe Harbor: The Inside Truth About Cybercrime and How to Protect Your Business.” He previously worked at Blackberry, Intel, and Cisco and has been in the IT security field for more than 20 years. His next book will look at the human element of being the victim of a ransomware attack and offer a playbook for managing such an attack. • LinkedIn: https://ca.linkedin.com/in/mbsangster • Web site: https://mbsangster.com • eSentire: https://www.esentire.com/ Vanessa Mathews, host Vanessa Mathews is the founder and chief resilience officer of Asfalis Advisors, where they are focused on protecting the legacy of the leaders they serve through business resilience. Before becoming an entrepreneur, Mathews developed global crisis management and business continuity programs for government and private sector organizations to include Lowe’s Companies, Gulfstream Aerospace, and the Department of Homeland Security. • LinkedIn: https://www.linkedin.com/in/vanessa-vaughn-mathews-mba-cbcp-70916b4b/ • Book Mathews as a speaker: https://bit.ly/VanessaMathews • Asfalis Advisors: https://www.asfalisadvisors.com/ Jon Seals, producer Jon Seals is the editor in chief at Disaster Recovery Journal, the leading magazine/event in business continuity. Seals is an award-winning journalist with a background in publication design, business media, content management, sports journalism, social media, and podcasting. • LinkedIn: https://www.linkedin.com/in/jonseals/ • Disaster Recovery Journal: https://drj.com/