Dr. John McKittrick: General, the machine has locked us out. It’s sending random numbers to the silos.
Pat Healy: Codes. To launch the missiles.
General Beringer: Just unplug the…damn thing!
McKittrick: That won’t work, General. It would interpret a shutdown as the destruction of NORAD. The computers in the silos would carry out their last instructions. They’d launch.
Beringer: Can’t we disarm the missiles?
Healy: Over a thousand of them? There’s no time. At this rate it will hit the launch codes in…5.3 minutes.
Beringer: [smiles sarcastically at McKittrick] Mr. McKittrick, after very careful consideration, sir, I’ve come to the conclusion that your new defense system sucks.
* * *
At Quadrillion Partners, we are film and history aficionados. “WarGames” is one of our favorites. On the big screen, Matthew Broderick’s character engaged with Joshua/WOPR, an IMSAI 8080 computer, which by today’s standards is the computing equivalent of your home coffee maker, and through a back-door loophole, the young computer scientist seems to have control over the entire U.S. nuclear arsenal.
While the IMSAI 8080 computer is now history (sold off at a Christie’s auction a few years ago, actually), the threat of cybersecurity break-ins needs to be a very real concern for middle-market business owners. Consider some of the key facts presented at last week’s RSA Conference in San Francisco.
- $46 billion: amount spent on cybersecurity/critical infrastructure globally in 2013
- $3.5 million: the average cost of a data breach in 2014 — up 15 percent from 2013
- 66 percent of security incidents are caused by current or former employees
- 90 percent of data breaches in 2014 were preventable
- More than 90 percent of security spend in 2014 focused on perimeter protection
If you’re a middle-market business owner, you probably are not terribly focused on data and cybersecurity. In fact, meeting payroll, managing working capital, delighting your customers, keeping your employees engaged, and other more pressing items probably top your list.
We are here to tell you to spend a few hours watching “WarGames” this weekend and also reviewing your physical and data security procedures, tools and capabilities. Why?
Reason 1: Your online security measures (and your disaster recovery plans) are probably out of date. The cybersecurity industry and government policy around how to prevent attacks is developing quickly, but it is very much a work in process.
Reason 2: If you are hacked, or if a disgruntled or current employee takes advantage of you, your recovery process will be a costly and “near death” event for your business. The damage to your business — in the form of file deletions and/or the theft of customer data — can be substantial, depending on the number of files lost or stolen.
Reason 3: Physical and cyberattacks are preventable, if you do some upfront planning, work to keep up-to-date with industry developments, and identify potential vulnerabilities in advance. After all, as Matthew Broderick’s character David Lightman asks in “WarGames,” “Is it a game…or is it real?”
We are here to tell you, it’s real.