In the so-called new reality of 2020, a year in which over 20 billion records containing personal data and payment information were exposed, businesses need to keep an ear to the ground. Every leader should understand that there is no 100% security guarantee. Any modern organization therefore needs a clear plan for preventing cyber attacks, responding to them when they happen, and recovering afterwards. How should this be addressed?
The Importance of Full Disclosure
In the event of a cyberattack, do not fail to notify those affected, including customers, employees, and the public. Withholding information, or releasing it late, can have severe consequences and trigger a second crisis for your organization by damaging its reputation. Full and prompt disclosure of cyber attacks is a core crisis management practice. In many jurisdictions it is also a legal obligation with fixed deadlines (for example, 72 hours to notify the supervisory authority under the GDPR), so the response plan should state who notifies whom, and by when.
Remember 2017, when the media was full of headlines about Uber trying to hide a cyberattack? The cover-up turned a bad situation into a worse one: it cost Uber customer confidence and, as reported, a $148 million penalty to settle allegations that it had intentionally concealed a 2016 data breach.
Risk assessment and management
An early risk assessment is a critical part of developing a crisis management plan. Well before you face a problem, you should consider all potential risks, and cyber attacks absolutely must be among them. Because crisis management is a dynamic and ongoing process, organizations should continuously look for and address new threats as trends and risk factors change.
To assess risks and put a management process in place, you can engage a cybersecurity company. What does this process include? At 10Guards, for example, we start with a discovery of how your business works and identify the main threats and risks to its processes. We then introduce a risk matrix and carry out the assessment using qualitative and quantitative methods. We define a strategy with response options for each risk (typically accept, mitigate, transfer, or avoid), depending on its probability and potential damage, prioritize the risks, and provide recommendations on how to handle them.
If necessary, we develop and implement risk management processes for both existing risks and those that will arise in the future, as well as provide consulting support.
Business leaders should treat cyber as a strategic risk to the organization and include it in their executive-level enterprise risk management programs.
From a technical point of view, one preventative measure an organization can take now is to put firewalls in place that protect and separate its operational technology (OT) and IT environments, so that a compromised office workstation cannot reach controllers and other OT equipment directly. From an administrative standpoint, responsibility for security should be assigned to a specific individual within the organization who is focused on technology security (a CISO), to an outsourced specialist, or to an outsourced team, the so-called virtual CISO.
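As an added example (it is not from the original article and not 10Guards' own configuration), here is how that OT/IT separation can be expressed as an nftables ruleset on a Linux firewall sitting between the two networks. The interface names, subnets, host addresses and ports are hypothetical; what matters is the shape: a default-deny forward chain with a short, explicit list of allowed flows in each direction, and logging for everything that tries to cross the boundary and is refused.

```nftables
#!/usr/sbin/nft -f
# Added example: OT/IT segmentation on a Linux firewall with two interfaces.
# Assumed (hypothetical) topology:
#   eth0 = IT network   10.10.0.0/16
#   eth1 = OT network   192.168.100.0/24
flush ruleset

table inet ot_it_segmentation {
    # Engineering workstations allowed to reach the OT network (assumed addresses)
    set it_engineering_hosts {
        type ipv4_addr
        elements = { 10.10.5.10, 10.10.5.11 }
    }

    chain forward {
        # Default deny: nothing crosses the IT/OT boundary unless listed below
        type filter hook forward priority 0; policy drop;

        ct state invalid drop
        # Replies to flows that were allowed by the rules below
        ct state established,related accept

        # IT -> OT: engineering hosts only, Modbus/TCP (502) and SSH (22) only
        iifname "eth0" oifname "eth1" ip saddr @it_engineering_hosts ip daddr 192.168.100.0/24 tcp dport { 502, 22 } accept

        # OT -> IT: one data collector to one historian, one port (assumed values)
        iifname "eth1" oifname "eth0" ip saddr 192.168.100.20 ip daddr 10.10.20.5 tcp dport 5432 accept

        # Everything else: count it, log it with a recognisable prefix, then drop
        counter log prefix "OT-IT blocked: " drop
    }
}
```

Load it with `nft -f <file>` and check the result with `nft list ruleset`. Two points are worth checking in any real deployment: the OT-to-IT direction must be restricted just as tightly as IT-to-OT (an "outbound is fine" default gives an intruder on the OT side a path into the office network), and the allowed ports should be derived from what the OT assets actually speak, not from a generic list. The `log` rule is what turns the firewall into a detection sensor: a flood of "OT-IT blocked" entries from one IT host is an early sign that something on that host is scanning for controllers.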
Every modern company should have a cyber incident response plan containing the steps to take when an attack hits. A good plan names the team responsible for handling the incident, made up of key stakeholders from IT, management, communications, and legal, together with their roles and contact details. Refresh the document frequently to account for employee turnover and for changes in both technology and the threat landscape.
A well-structured response plan helps you quickly restart business processes and company activities, restore data that was lost or compromised during the incident, and bring your information systems back online.
A response plan for cyber incidents is not enough on its own. Business leaders responsible for critical infrastructure protection should already have disaster recovery and business continuity plans in place, and should exercise them through tabletop exercises and regular audits.
Business leaders should know whom they are going to contact before these events take place, and ideally already have working relationships with them. This comes from prior planning, preparation, and simulation of events. Those who have not done this yet are in trouble.
Cybersecurity is an ongoing process. Attackers constantly improve their techniques, look for new vulnerabilities, and adopt advanced technologies. That is why a company's systems need to be continuously updated and patched to keep up with new threats and maintain the highest achievable level of security.
The human factor remains the key vulnerability of every organization. What should be done? Raise the level of cybersecurity awareness among your employees. Regular awareness training based on real cases keeps everyone in good shape and develops the skills and knowledge needed to put it into practice.