Former executive head of security at the CIA Nick Gisinto, who worked for the agency for 10 years and after leaving it worked for Uber and Tesla, called on companies to spend at least 10% of their IT budgets on cybersecurity.
About this he said said in an interview with Forbes.
«Russia allows the spread of cyberattack methodologies among the population, not just the military, and encourages civilians to carry out such attacks», Gisinto said.
In the nearly two years of the great war, hackers have carried out more than 9,000 cyberattacks on Ukrainian companies and state-owned enterprises, according to SBU data. The latest high-profile cases are attack on «Kyivstar» On December 12, 2023, which left 24.1 million subscribers of the largest operator without communication for several days, and the January attack on the «Parkovy» data center.
Therefore, Ukrainian companies need to spend at least 10% of their budget on cybersecurity. To determine the specific amount of spending, a company must assess risks and analyze what is most important to protect. Then the business will be able to make appropriate investments.
In his opinion, it is necessary to invest in cybersecurity from the very beginning of the company’s existence. Many things can be implemented without using additional tools.
- For example, multifactor authentication is an effective thing that costs almost nothing.
- The lack of reliable password protection methods is one of the main reasons why companies fall victim to malware.
«Ukrainian companies are probably the best at understanding the risks posed by cyber vulnerabilities. When a country is embroiled in a conflict like Ukraine is now, resources become very important. Companies need to be more creative in their solutions. They need to look for low-cost, innovative solutions to gain some kind of competitive advantage or achieve a certain goal without spending a lot of resources,» Gisinto said.