• With Cybersecurity & Cybercrime you need to plan for failure - on ScamsNOW.com

ScamsNOW!

The SCARS Institute Magazine about Scam Victims-Survivors, Scams, Fraud & Cybercrime

2025 SCARS Institute 11 Years of Service

Cybersecurity Failure Is Inevitable – Plan For It

By Tim McGuinness, Ph.D. – Anthropologist, Scientist, Director of the Society of Citizens Against Relationship Scams Inc.

The Saying NEVER SAY NEVER Is More Applicable In Cybersecurity & Online Safety Than Ever

Businesses are aware they need to plan for their cybersecurity, but they don’t know they also need to plan for their failure!

All cybersecurity is ultimately dependent on people, and people fail.

In fact, people almost always fail – not every day, but eventually, someone will make a mistake. Cybersecurity must do the right things 100% of the time, but the bad guys only need one mistake.

Has your organization planned for failure?

Here is a suggested outline for an organization in the event of a cyber failure. It assumes that data has been accessed and that it was not just a hack but also involved some form of social engineering. It also assumes you are doing all of the good deeds on the IT front to secure your tools and platforms.

  • Secure Everything – this is self-evident and obvious, right? But rarely do organizations do this. After a breach almost any connected device can be a new backdoor – you found and fix the primary entry point, but how do you know that your CEOs connected phone has also not been compromised, or the accounts payable manager’s computer? Every device needs to be recertified as secure.
  • Trace Everything – look at all potentially related transactions and business actions for compromises. This can include file moves, financial transactions, emails, etc. If an intruder gained access then they may also have been engaged in under-the-radar actions too.
  • Blame Is Not Important – first fixing the holes, and then analyzing the causes are important. But people will make mistakes. By blaming your people you make it much more difficult to both identify the real situation and to gain their willing cooperation after the fact.
  • Overcome Paralysis – people who are attacked, even cyber attacked – be it a scam or ransomware or other technical attacks – will be fearful. They will not know (immediately) the extent of the attack or how far-reaching it may be. In such a situation people freeze. But your business needs to keep running.
  • Plans should include – switching to alternate processes that you people know and can trust.
  • Watch The Money – expect the attack to be related to data or money, and secure your accounts and processes that can be used to access your money. Freeze everything electronic until they are known to be safe.
  • Stay aware of what your assets are – that attackers might want, but also the potential impact throughout your organization when they access them – because eventually, they will.
  • Communicate With Your People – all of your people. As said people will be afraid; afraid they did something or that they are affected. A cyberattack should be a WHOLE OF BUSINESS response. No blame, just all hands on deck!
  • Expect Fallout – have contingency plans in place for all nominal types of attacks to deal with the aftermath. Cyber insurance is not enough. Have legal plans, HR plans, banking plans, etc. Be comprehensive and VERY PARANOID!
    Provide Trauma Support – your employees, especially those in the line of fire will experience some trauma – count on it! Each human will react differently based on their history and past trauma. Expect that someone will need counseling, up to and including your executives! This is where HR will have to step up and be the guide.
  • Retaliation – forget it. Bring in the police and the FBI if appropriate, but let them do their jobs. If needed bring in outside cyber forensic investigators. Wait for the real answers, don’t rush to assumptions. AND DON’T blame your people. If one of them made a mistake acknowledge it and support them to never make it again – but of course they will remain human and future mistakes will happen. How you treat your people after an attack will have a lot to do with the probabilities of the next one.

Plan For Failure

In short, whatever you need to do to plan for failure is what you need to do. It is going to happen to every business or entity. It is not a question of if, just when.

With the pandemic, we have all seen how we all failed to plan for a major contingency. Hopefully, we learned from this. Now let’s apply this to the global cyber pandemic we all face every day!

If your business needs help for the human victims of cybercrime, we are SCARS and we support cybercrime & scam victims worldwide! You can learn more about us at www.AgainstScams.org

Stay safe!

-/ 30 /-

What do you think about this?
Please share your thoughts in a comment below!

More ScamsNOW.com Articles

SCARS LINKS:   AgainstScams.org    RomanceScamsNOW.com    ContraEstafas.org    ScammerPhotos.com    Anyscam.com    ScamsNOW.com

reporting.AgainstScams.org    support.AgainstScams.org    membership.AgainstScams.org    donate.AgainstScams.org    shop.AgainstScams.org

youtube.AgainstScams.org    linkedin.AgainstScams.org    facebook.AgainstScams.org

ARTICLE RATING

0
(0)

TABLE OF CONTENTS

META

Categories: UncategorizedViews: 771

CATEGORIES

MOST POPULAR COMMENTED ARTICLES

POPULAR ARTICLES

U.S. & Canada Suicide Lifeline 988

WHAT PEOPLE ARE TALKING ABOUT
LATEST SITE COMMENTS

See Comments for this Article at the Bottom of the Page

Important Information for New Scam Victims

Please visit www.ScamVictimsSupport.org – a SCARS Website for New Scam Victims & Sextortion Victims
SCARS Institute now offers a free recovery program at www.SCARSeducation.org
Please visit www.ScamPsychology.org – to more fully understand the psychological concepts involved in scams and scam victim recovery

If you are looking for local trauma counselors, please visit counseling.AgainstScams.org

If you need to speak with someone now, you can dial 988 or find phone numbers for crisis hotlines all around the world here: www.opencounseling.com/suicide-hotlines

Statement About Victim Blaming

Some of our articles discuss various aspects of victims. This is both about better understanding victims (the science of victimology) and their behaviors and psychology. This helps us to educate victims/survivors about why these crimes happened and not to blame themselves, better develop recovery programs, and help victims avoid scams in the future. At times, this may sound like blaming the victim, but it does not blame scam victims; we are simply explaining the hows and whys of the experience victims have.

These articles, about the Psychology of Scams or Victim Psychology – meaning that all humans have psychological or cognitive characteristics in common that can either be exploited or work against us – help us all to understand the unique challenges victims face before, during, and after scams, fraud, or cybercrimes. These sometimes talk about some of the vulnerabilities the scammers exploit. Victims rarely have control of them or are even aware of them, until something like a scam happens, and then they can learn how their mind works and how to overcome these mechanisms.

Articles like these help victims and others understand these processes and how to help prevent them from being exploited again or to help them recover more easily by understanding their post-scam behaviors. Learn more about the Psychology of Scams at www.ScamPsychology.org

SCARS INSTITUTE RESOURCES:

IF YOU HAVE BEEN VICTIMIZED BY A SCAM OR CYBERCRIME

♦ If you are a victim of scams, go to www.ScamVictimsSupport.org for real knowledge and help

♦ Enroll in SCARS Scam Survivor’s School now at www.SCARSeducation.org

♦ To report criminals, visit https://reporting.AgainstScams.org – we will NEVER give your data to money recovery companies like some do!

♦ Follow us and find our podcasts, webinars, and helpful videos on YouTube: https://www.youtube.com/@RomancescamsNowcom

♦ Learn about the Psychology of Scams at www.ScamPsychology.org

♦ Dig deeper into the reality of scams, fraud, and cybercrime at www.ScamsNOW.com and www.RomanceScamsNOW.com

♦ Scam Survivor’s Stories: www.ScamSurvivorStories.org

♦ For Scam Victim Advocates visit www.ScamVictimsAdvocates.org

♦ See more scammer photos on www.ScammerPhotos.com

You can also find the SCARS Institute on Facebook, Instagram, X, LinkedIn, and TruthSocial

Psychology Disclaimer:

All articles about psychology and the human brain on this website are for information & education only

The information provided in this and other SCARS articles are intended for educational and self-help purposes only and should not be construed as a substitute for professional therapy or counseling.

Note about Mindfulness: Mindfulness practices have the potential to create psychological distress for some individuals. Please consult a mental health professional or experienced meditation instructor for guidance should you encounter difficulties.

While any self-help techniques outlined herein may be beneficial for scam victims seeking to recover from their experience and move towards recovery, it is important to consult with a qualified mental health professional before initiating any course of action. Each individual’s experience and needs are unique, and what works for one person may not be suitable for another.

Additionally, any approach may not be appropriate for individuals with certain pre-existing mental health conditions or trauma histories. It is advisable to seek guidance from a licensed therapist or counselor who can provide personalized support, guidance, and treatment tailored to your specific needs.

If you are experiencing significant distress or emotional difficulties related to a scam or other traumatic event, please consult your doctor or mental health provider for appropriate care and support.

Also read our SCARS Institute Statement about Professional Care for Scam Victims – click here

If you are in crisis, feeling desperate, or in despair, please call 988 or your local crisis hotline.

More ScamsNOW.com Articles

A Question of Trust

At the SCARS Institute, we invite you to do your own research on the topics we speak about and publish. Our team investigates the subject being discussed, especially when it comes to understanding the scam victims-survivors’ experience. You can do Google searches, but in many cases, you will have to wade through scientific papers and studies. However, remember that biases and perspectives matter and influence the outcome. Regardless, we encourage you to explore these topics as thoroughly as you can for your own awareness.

TOP OF PAGE

Leave A Comment

Your comments help the SCARS Institute better understand all scam victim/survivor experiences and improve our services and processes. Thank you

Thank you for your comment. You may receive an email to follow up. We never share your data with marketers.