The ghost of business past, business present and business yet to come – a cautionary tale

Dec 19, 2022 | Cyber Security

There once was a British business man, Evan Geeza who prided himself on his own hard work and stringent economic values. He had worked his way up from sweeping the kitchen floor to becoming CEO of a micro company that manufactured and distributed desserts. Founded in 1980, Trifles, Ice-creams & Meringues (TIM) were now embracing the modern age with three computers, each running Windows 7.

In the last twenty years, Evan had reluctantly moved from filing cabinets to databases and from letters to emails, and in the last five years, he was allowing customers to place their orders on his website and his two employees to work from home when they were seriously ill. The last time he backed up any data was in 1986 and he still keeps that floppy disc under the sink, but on the whole, he preferred to focus on the stiff shining peaks of his whipped egg whites rather than antivirus and the consistency of custard, jelly and cream instead of automatic updates. Evan had not even spared a thought for the security of their company password, ‘Dickens ’.

Earlier that year, Evan’s business rival had gone bust following a major cyber breach and a £200,000 fine from the ICO. But Evan reassured himself that it must have been his own fault for trusting his employees too much or having too many modern computers.

One night Mr Geeza was visited by a spirit, it was the ghost of analogue business. He was shown a nostalgic vision of a simpler time where business men like himself could dictate letters to their secretary, smoke in the office and drink at lunch time. He was fondly reminded of an era where people used to finish work at 5pm and go home to watch Knight Rider on TV.

The next night, Evan was visited by a second spirit, the ghost of the post covid, digitally transformed business landscape of the present day. He sighed deeply as he was shown unskilled cyber attackers from all around the world using easy to access and cheap tools to create phishing attacks and ‘hacking as a service’. He saw businesses of every size getting breached, losing control of their customer data, struggling to keep running or having to close. He saw the victims of these crimes, everyday customers who became victims of more targeted attacks, fraud and identity theft.

On the third night, Evan Geeza was visited by a spirit, this time, it was the ghost of business yet to come. The spirit showed Evan a vision of his future where his whisks, his fridges and his kitchens were gone, his website was gone, his livelihood had disappeared. In despair, Evan quickly searched on Google for Trifles, Ice-creams & Meringues. Sure enough, he found his answer. There were two entries; the first a headline from Essex weekly, “RIP Tiny Tim, Business closes after 50 years”. The second, an excerpt from Bakeryinfo, “TIM gets it’s just desserts –Pudding company folds after ransomware attack. Basic cyber security could have saved them, say experts”. 

The next morning, Evan Geeza awakens a changed man. He decides to break a habit of a lifetime and ask for some help. Being a technical question, he rings his teenage niece who tells him to look on the NCSC website. From there, Evan identifies Cyber Essentials as a basic framework for a small business to follow and a way to demonstrate to others his new security priorities. Located in his town, a security expert from one of IASME’s Certification Bodies is able to work with TIM to over haul their cyber security and in doing so, change their fate.

The fate of TIM was not the only thing that changed that year, Evan Geeza embraced his cyber security journey, upgraded his tech and traded his Ford in for a Tesla. By facing his blind spot, and making his business more secure, Evan felt a renewed sense of wellbeing and this helped him take a few more risks in other ways.