Take a moment to imagine how your business would function without network servers, cloud-based applications or even the internet. Chances are large parts, if not all, of your operations would halt. Across every industry, our reliance on web- or network-based operational processes puts businesses under real threat of cyberattacks. From small-scale identity theft to globally orchestrated mass attacks, cybercrime is an ever-present and ever-evolving black cloud over the digital world.
The cost of cybercrime reaches far beyond the financial realm. Losing the confidential data and private information of your company, clients, customers and partners brings with it an extensive list of legal, moral and reputational implications. Coupled with the financial cost, and potential fines and penalties depending on your industry, the risk is indeed significant.
Estimates by Juniper Research suggest that by 2019 the increasing digestion of consumer information and enterprise data by hackers will raise the cost of data breaches to businesses to $2 trillion worldwide. While the majority of the financial cost will be felt by large corporations, according to a 2017 Data Breach Investigation Report, 61% of data breach victims were small to medium businesses with under 1000 employees. When it comes to experiencing a cyber crisis, the biggest mistake businesses can make is to think that it won’t happen to them, and so fail to prepare. While defending against an attack is vital, no good cyber crisis strategy is complete without following a few key steps to prepare for the aftermath of a successful breach.
Conduct a Risk Assessment
Creating tailored solutions is the hallmark of the modern software developer or cloud solution. We are now able to customise almost all of our business networks, software and applications to integrate seamlessly within our business models, facilitating and directing processes, services, communication, recording and reporting. As each business’s IT infrastructure is unique, so too are the stress points and weaknesses within it.
Risk assessments are imperative not only for identifying the weaknesses in your security, but also for isolating and protecting the most critical data. The 2017 DBIR found that 95% of phishing attacks were followed by the installation of some type of malware for data mining. As not all information is created equal, knowing exactly where to invest your time and money in security is essential.
Scalable Security Solutions
Risk assessments are also useful in creating scalable security solutions, so that as your business grows, you know when and how to adapt your security to avoid creating vulnerabilities. Whether you have the internal IT resources to conduct a risk assessment yourself, or need the help of a specialist such as CrossPoint to do the job, it’s the first step in creating a crisis plan.
Even for companies large enough to have their own IT and security department, engaging with professional cyber security experts throughout your crisis planning is ideal—especially for businesses with highly sensitive and confidential information.
Security Intelligence noted “global spending to combat cybercrime will top $80 billion [in 2016], with organizations increasingly focusing on detection and response because taking preventive approaches have not been successful in blocking malicious attacks”.
Advanced Threat Protection
There is strong growth in the new technology area of Advanced Threat Protection (ATP), a cyber security solution designed to protect against zero-day threats and sophisticated malware attacks that target sensitive data. Available as a software solution or as a Managed Service, ATP solutions have three primary goals:
- Early detection
- Adequate protection
One of the key components of ATP is real-time visibility: the constant monitoring of systems to detect malware as early as possible. Without real-time visibility, malware is often detected far too late, by which time the damage done can be extremely destructive.
ATP management services typically handle any detected threats, monitoring and analysing remotely so the victim can go about business as usual until such a time as the crisis is escalated according to a predetermined classification system. These classifications generally prioritise threats by the sensitivity of the data at risk and the potential damage, and can help you in knowing what level of crisis management you need to launch.
Create a Crisis Management Strategy
To effectively manage a breach in security, the first step is to have a solid understanding of exactly what your data loss means BEFORE you lose it. This means analysing all data in relation to legal and financial ramifications, and setting in place steps to be taken for each set of data in the event it is compromised. Key considerations for an effective crisis management strategy include:
- Internal escalation process: as not all data breaches will warrant a crisis response, plan your escalation process and identify when and to what level a breach should be escalated.
- Action plans: plan out the detailed steps each team and appropriate team member or stakeholder needs to take once a crisis has been escalated. In essence, use checklists: these predetermined plans help streamline efficiency in the crisis stage.
- Communication strategy: how will you communicate the breach to your stakeholders and partners? Communication strategies are imperative and should ideally include a pre-approved tone of voice and pre-drafted messaging where possible.
- Data and information recovery: have a strategy in place to back up, secure and recover your data in the event your servers are compromised.
Data Backup and Recovery
Having a sound plan in place to back up your data and isolate servers goes a long way in mitigating damage once a breach has occurred. Managed security and ATP services are often coupled with managed data backup and recovery services to assist once a threat has been detected, and are worth investigating as a proactive response to a cyber crisis.
Cyber crisis goes well beyond cyber security in the IT department, so it pays to think critically about how each aspect of your business will react and respond when faced with a threat.