internet-3629639_1920A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful cyberattack against it. They think their company is doing it all right and this is only the kind of stuff that happens to “the other guys.”

Do you think that? Do you think your team has it all under control and cyberattacks are not something your company should be concerned with?

Let’s get this straight right now:

No company is immune from this risk.

No company has it all figured out.

No company is completely secure.

I don’t care how sophisticated you may think you are. You may think you are doing it all right and you may be trying really, really hard to do so, but, cyber attacks are still the single greatest risk your company faces (read why).

Do you not believe me?

Then let me ask you this: Do you think FireEye — arguably the best of the best of the cybersecurity experts on the planet — has sophisticated IT systems, cybersecurity protections, and teams of folks who try really hard to get it right? I think so. FireEye is at the very top tier of this industry and they are the cybersecurity experts who many of the savviest companies in the world hire to help protect them.

If anybody is going to get this right, it’s FireEye.

If anybody is going to be immune from this risk, it’s FireEye. 

Well … FireEye just disclosed that they were the victims of a successful cyber attack! That’s right, FIREEYE!

A highly sophisticated state-sponsored adversary stole FireEye Red Team tools. Because we believe that an adversary possesses these tools, and we do not know whether the attacker intends to use the stolen tools themselves or publicly disclose them, FireEye is releasing hundreds of countermeasures with this blog post to enable the broader security community to protect themselves against these tools. We have incorporated the countermeasures in our FireEye products—and shared these countermeasures with partners, government agencies—to significantly limit the ability of the bad actor to exploit the Red Team tools.

Read more: Unauthorized Access of FireEye Red Team Tools (FireEye Blog)

If it can happen to FireEye, it can happen to anyone, including your company. Take this seriously.

Oh, by the way, now do you understand why I say that every company needs cyber insurance, and this is what they should be looking for: 2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!

Published by Shawn E. Tuma

Shawn Tuma is an attorney who is internationally recognized in cybersecurity, computer fraud and data privacy law, areas in which he has practiced for nearly two decades. He is a Partner at Spencer Fane, LLP where he regularly serves as outside cybersecurity and privacy counsel to a wide range of companies from small to midsized businesses to Fortune 100 enterprises. You can reach Shawn by telephone at 972.324.0317 or email him at stuma@spencerfane.com.

Join the Conversation

2 Comments

  1. Pingback: The Art of Cybersecurity: How Sun Tzu Masterminded the FireEye and US Agencies Cyberattacks – Business Cyber Risk
  2. Pingback: Shawn Tuma Provided Texas Bar Journal 2021 Cybersecurity & Data Privacy Year in Review Update – Business Cyber Risk

Leave a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from Business Cyber Risk

Subscribe now to keep reading and get access to the full archive.

Continue reading