{"id":3521,"date":"2021-02-23T10:23:13","date_gmt":"2021-02-23T08:23:13","guid":{"rendered":"https:\/\/10guards.com\/?p=3521"},"modified":"2021-02-24T21:17:29","modified_gmt":"2021-02-24T19:17:29","slug":"cyber-attacks-how-business-can-save-face","status":"publish","type":"post","link":"https:\/\/10guards.com\/fr\/blog\/2021\/02\/23\/cyber-attacks-how-business-can-save-face\/","title":{"rendered":"Cyber Attacks: How Business Can Keep Face"},"content":{"rendered":"<p class=\"qtranxs-available-languages-message qtranxs-available-languages-message-fr\">D\u00e9sol\u00e9, cet article est seulement disponible en <a href=\"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts\/3521\" class=\"qtranxs-available-language-link qtranxs-available-language-link-en\" title=\"en\">en<\/a>, <a href=\"https:\/\/10guards.com\/ru\/wp-json\/wp\/v2\/posts\/3521\" class=\"qtranxs-available-language-link qtranxs-available-language-link-ru\" title=\"ru\">ru<\/a> et <a href=\"https:\/\/10guards.com\/ua\/wp-json\/wp\/v2\/posts\/3521\" class=\"qtranxs-available-language-link qtranxs-available-language-link-ua\" title=\"ua\">ua<\/a>.<\/p><p>In the so-called new reality of 2020, when over 20 billion records with personal data and payment information were exposed, it is important for businesses to keep an ear to the ground. Every leader should be aware that there is no 100%-security guarantee! Therefore, any modern organization needs to craft a clear plan to be able to prevent or face cyber attacks and recover after them. How to address this issue?<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>The Importance of Full Disclosure<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>In the event of a cyberattack don\u2019t fail to notify those who are affected \u2014 including customers, employees, and the public. Withholding information or providing it with delay can lead to severe consequences and cause another crisis for your organization, damaging your reputation. Full and immediate disclosure of cyber attacks is an important crisis management best practice.<\/p>\n<p>&nbsp;<\/p>\n<p>Remember in 2017, the media was full of headlines that Uber was trying to hide the fact of a cyberattack? This behavior led not only to a decrease in customer confidence but also a $ 148 million fine.<\/p>\n<p>&nbsp;<\/p>\n<p>In 2017 Uber made headlines when it tried to cover-up its cyber attack, thereby making a bad situation even worse. As reported Uber had to pay a $148 million penalty to settle allegations it intentionally concealed a 2016 data breach.\u201d<\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Risk assessment and management<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Do you know that an early risk assessment is a critical aspect of crisis management plan development? Well before you face a problem, you should consider all potential risks, which absolutely must include cyber attacks. Organizations should continuously look for and address potential threats in relation to changing trends and risk factors because crisis management is a dynamic and ongoing process.<\/p>\n<p>&nbsp;<\/p>\n<p>To assess risks and implement a management process, you can outsource a cybersecurity company. What is included in this process? For example, we 10Guards conduct a discovery of how your business works, identifying main threats and risks to business processes. Then we introduce a risk matrix and carry out the assessment, based on qualitative and quantitative methods. We define the strategy with the options for each risk response, depending on its probability and potential damage. We prioritize your risks and provide recommendations on how to work with them.<\/p>\n<p>&nbsp;<\/p>\n<p>If necessary, we develop and implement risk management processes for both existing risks and those that will arise in the future, as well as provide consulting support.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Preventive measures<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Business leaders should be considering cyber as a strategic risk to their organization and including it in their executive level, enterprise risk management programs.<\/p>\n<p>&nbsp;<\/p>\n<p>Some preventative measures an organization can take now, from a technical point of view, is to put firewalls in place to protect and separate a business\u2019s operational technology and IT environments. And, from an administrative standpoint, responsibility for security should be assigned to an individual within the organization who is specifically focused on [technology] security (CISO) or outsourced specialist or even a team, the so-called virtual CISO.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Action plan<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Every modern company should have a cyber incident response plan that contains the necessary steps to take when an attack hits. A successful plan identifies the team\u2014made up of key stakeholders from IT, management, communications, and legal \u2013 that is responsible for addressing the incident. It\u2019s important to refresh this document frequently to account for employee turnover and advances in both technology and cyber threats.<\/p>\n<p>&nbsp;<\/p>\n<p>A well-structured response plan helps to quickly relaunch business processes, company activities, restore data that was lost or compromised during an incident and reboot your information systems.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Consistency<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>It&rsquo;s not enough just to have a response plan for cyber incidents Business leaders responsible for critical infrastructure protection should already have disaster recovery\/response and business continuity plans in place and should be exercising them through tabletop exercises and regular audits.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Working relationships<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Business leaders should know who they are going to contact before these events take place and hopefully have working relationships. This is done through prior planning, preparation, and simulation of events. If they have not done this yet they are in trouble.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Continuous update<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Cybersecurity is an ongoing process. Cyber \u200b\u200battackers are constantly improving their techniques, exploring new vulnerabilities and advanced technologies. That is why a company\u2019s systems need to be continuously updated to keep up with new threats and ensure the highest level of security is in place.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\"><strong>Employee awareness<\/strong><\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>The human factor remains the key vulnerability of every organization. What should be done? Of course, to increase the level of cybersecurity awareness of your employees. Regular cyber awareness trainings based on real cases help either keep everyone in good shape and develop the necessary skills and knowledge to put them into practice.<\/p>","protected":false},"excerpt":{"rendered":"<p>D\u00e9sol\u00e9, cet article est seulement disponible en en, ru et ua.In the so-called new reality of 2020, when over 20 billion records with personal data and payment information were exposed, it is important for businesses to keep an ear to the ground. Every leader should be aware that there is no 100%-security guarantee! Therefore, any [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":3520,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-3521","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/10guards.com\/wp-content\/uploads\/save-face-business.png","_links":{"self":[{"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/posts\/3521","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/comments?post=3521"}],"version-history":[{"count":3,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/posts\/3521\/revisions"}],"predecessor-version":[{"id":3526,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/posts\/3521\/revisions\/3526"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/media\/3520"}],"wp:attachment":[{"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/media?parent=3521"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/categories?post=3521"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10guards.com\/fr\/wp-json\/wp\/v2\/tags?post=3521"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}