According to government research, two-thirds of large businesses suffered a cyber attack or breach in 2016 and if you think that is worrying, Accenture has suggested that two-thirds of companies across the globe face these attacks on a weekly or even daily basis.
With so many businesses suffering from cyber attacks, it would be easy to assume that the majority of organisations have robust cyber security policies or emergency plans in place so that they are prepared for what is now an eventuality. However, the Government’s 2016 cyber security breaches survey discovered that only a third of all the firms surveyed have a cyber security policy in place and only 10% have an emergency plan.
A recent poll shows that the annual cost of cyber security incidents to UK companies is over £34bn. When cyber attacks are costing businesses an average of £1.46m, how is it that so few organisations are on board with cyber security and preventing loss to their company?
The prospect of preparing for a cyber attack can seem increasingly overwhelming and the larger the organisation, the larger the infrastructure to secure. However, it‘s no longer a question of ‘if’ but ‘when’, so continue reading to find out what you should prioritise when preparing for an attack.
It’s impossible to predict when your organisation will be hit by a cyber attack or even what form of attack it will be, especially as breaches now come in all shapes and sizes including DDoS, Phishing attacks, Malware or a Virus. The important thing to remember is to be vigilant and ensure that you are prepared for incidents when they do occur.
Many people believe that simply making regular backups will suffice to ensure an adequate recovery plan, however many people fail to take into account that those backups can also be corrupted, this was illustrated by GitLab’s incident last year which resulted in major data loss. If you’re relying on backups as your recovery plan, it is essential that you run regular tests on these systems, to ensure that you will be able to safely and effectively restore your network.
Being prepared can help your organisation minimise the risk of any unforeseen complications that could cause further damage. Simple actions, such as creating checklists, can decrease the risk of further loss or reputational damage. Every company should have a list of key tasks that need to be undertaken both during and after an attack, and each of those tasks should have a clear owner. Your plan should also include steps to document each action as it happens and assign responsibilities along the way so that nobody is unaware or unsure of what their role is during or after a breach.
Once you have a plan in place, you should test it regularly with simulations and practice runs as this will make it easier for you and your staff when the time comes.
Communication is key
Communication plays a huge role in preparing and recovering from a cyber attack. Your response teams should be adequately briefed on all policies, including announcing and dealing with problems within the relevant internal teams, and also to your customers and stakeholders. A combination of consistent messaging and regular updates are key to preventing confusion and a greater loss of trust from your customers.
Remember the people
With the rise of SaaS products, we have all become accustomed to being several steps removed from the systems that we use every day and often forget that there are people behind the scenes that ensure that they continue to run smoothly. However, every system, no matter the size, has a group of IT workers that are required to deal with security issues at all times, but even more so when the system breaks.
Humans are people after all and can make mistakes, as Amazon’s recent AWS S3 outage shows, not only that a simple typo will do the trick, but it “has proved that no one is immune to downtime including the internet giants.” Inevitably, security issues and cyber attacks will place tremendous stresses on your IT team and the awareness of the imminent risks that cyber attacks have can be counteracted with general awareness campaigns within your organisation. Recognising that humans both build and fix your systems is important for staff wellbeing and understanding. Movements like HumanOps, that focus on the human aspects of running infrastructure, reinforce this message and helps put the emphasis on adjusting and adapting expectations on a business level to ensure that the health of teams running the systems, and not just the systems themselves, are focussed on.
It can be perceived as an industry standard policy to focus on maintaining your organisation’s website uptime as a metric to assess your security, but cyber attacks may be much more subtle than expected. Website defacement is now becoming more common and can have severe effects on a business’s reputation when either a part of, or the whole of a website’s content is changed by hackers. This can often result in a negative outcome for the overall organisation. Google Brazil’s domain was hacked by a single person who defaced the official landing page in January 2017, showing that no company is safe from cyber attacks.
Cyber attacks can regularly cause panic within an organisation, but with the previous suggestions in place, you and your teams should be able to avoid extended downtime and extensive financial damage. By having a plan in place, you are able to ensure that all staff members are equipped and know what to do in an emergency to get systems back up and running and reduce confusion. You may not be able to prevent a cyber attack, but with plans in place, you should have everything you need to survive it.