My wife and I were recently heading to a local restaurant for a Friday evening dinner. As usual at the end of the week, it was much later than we had hoped to be eating. Waiting at a traffic light a night rider emerged from the darkness on a dirt bike. You know the type, a young Evil Knievel without a care in the world. He passed all of us waiting for the light. My wife noted that he ran the red light against traffic.

Our young rider with his handful of cc’s couldn’t keep up with traffic so we caught up with him. I flashed my high beams and stayed behind him. He moved to the bicycle lane and motioned for me to go around several times. I just stayed behind him. Was I there to protect him from someone coming up on him in the darkness? Was I there to irritate him? Admittedly maybe a little. Honestly, I wanted to talk to him about risk. A first-hand vision of risk that is seared on my brain for the rest of my life at the very next intersection.

At the very next intersection on a Sunday in July 2019. Maria, my wife and I had just closed on a fixer-upper a few miles south. We spent the day pressure washing and cleaning up the new-to-us house and property. It was dark when we pulled up at the light to turn left on our street. We saw something lying in the road just to the right of our car in the middle of the three-lane highway. We asked. Is that a guy? That is a guy!

I pulled my car to block his body from the cars whizzing by feet from his body. That is when I met George. George had spent his Sunday the same as many of us do. Hanging out at home with his family, drinking a few too-many beers, watching some sports. He got what would be a fateful call that he needed to immediately return a borrowed motorcycle. Return tonight otherwise expect legal issues. At that moment, the largest risk in George’s mind was having his Sunday interrupted by an uncomfortable conversation with a police officer.

Was I smarter than George or our night rider tonight? No. I could conceptualize the risk, because I knew it first-hand.

Sadly, I know the cybersecurity risk firsthand to businesses small and large. Some years ago, I got a call from our partner Dell. They had a client in our area with a significant issue. I dropped everything and headed out to investigate. It was my first in-the-wild run-in with ransomware. This medical imaging provider had every image encrypted and unavailable. All patient records. They could not even look up the telephone for their doctor clients. The office staff were just looking at one another. They couldn’t take any images. A massive semi-trailer mounted imaging device was in the parking lot running up rent by the minute. We recovered what was ultimately an inconsequential amount of data.

I gave the owner a proposal to protect his systems going forward. I referred him to a forensic expert to attempt to recover more data. He contacted his insurance provider and tried scrape up the money to pay the ransom.

A week or so later, I was waiting outside a local law office near the end of the day. I had an appointment with an attorney and took the opportunity to follow up with the business owner. What he told me next left an indelible mark on me. I can remember the exact parking spot in that lot when he shared that his business was done. He had not reopened and never would. Sometime later I confirmed on Yelp that his business was closed. I even drove by to confirm. I couldn’t believe this owner’s bad luck.

He was just literally minding his business. Scanning patents and serving the medical community with life-saving imaging. Finding markers in patients such as cancerous lesions. Out of the blue he was hit with a business-ending cybersecurity disaster.

A study by the US National Cyber Security Alliance found that 60% of small businesses that experience a cyberattack go out of business within six months.

There were a lot of basic things he could have done even in those early days of ransomware to protect himself. A good backup, patching his server and workstations, and updating his firewall. None of this was done. His system installer didn’t educate him on maintenance and data protection. He had not conceptualized what could happen to his business.

The risk has become hundreds of times greater than it was in that imaging business many years ago. Hackers have developed more sophisticated attacks. They have honed their skill to score larger hits on businesses. They just don’t encrypt all of your data. They also steal data and blackmail business owners. These aren’t script kiddies. These are professionals that work for companies or nation states. Maria and I address this in-depth in our upcoming book, "Your Business is an International Cyber Security Target".

On that fateful July 2019 evening…the mother of George’s children appeared from the darkness. She knelt over his body screaming for him to not do this. She and the kids need him. George was pronounced dead on arrival at the local hospital. A good Samaritan nurse and I had already surmised that outcome in the middle of that dark road.

I get a lump in my threat reliving that night in my mind. I desperately wanted to share that moment with our night rider.