Disk-imaging technology, faster storage, and new protocols have changed the average recovery time objectives (RTOs) from hours to minutes. But in the modern world, data is so critical that many businesses are working to reduce RTOs even further, and with good reason. Today a business that doesn’t have access to its data can lose $100,000 every hour, in addition to the potentially huge costs of recovering that data.

The city of Riviera Beach, Florida made news recently when it announced it was paying approximately $600,000 in ransom to undo a ransomware attack it suffered in late May. In addition to the ransom paid, officials also invested more than $900,000 into new hardware in the hopes that they do not have the same vulnerabilities as the old ones. That’s $1.5 million in damages from one attack.

They say crime doesn’t pay, but clearly the architects behind GandCrab ransomware didn’t get that memo. They recently announced they were retiring thanks to the money they’ve made encrypting victims’ computers. At the beginning of June, operators of the notorious GandCrab strain of ransomware announced that “all good things come to an end” and they are ceasing their operations. Unfortunately the success they reported will likely provide a roadmap for other cybercriminals that will continue for a long time.

News of security breaches, data loss, and data theft is sadly a daily occurrence. Almost every industry and every size of organization have been hit — including governments, retailers, universities, and healthcare systems. What’s worse, affected businesses suffer both financial and reputational losses while being dragged into the news cycles. It’s clear that organizations and employees are not CyberFit enough to meet today’s data security and privacy challenges. Let’s look at how the landscape has changed and what organizations need to do to become CyberFit.