Cyber attacks have been in the news consistently and for long enough for us to be sure they’re now inevitable. The question we need to be asking is how to handle them when they happen.
An article by the Harvard Business Review called “Cyber attacks are inevitable. Is your company prepared?” says: “Hackers constantly and consistently test your defenses and reactions. You must do the same.”
It also quotes a Poneman survey which found that 47% of organisations have not assessed their readiness to withstand a cyber attack. In other words, the first time these organisations will test their incident response plan will be at the worst possible time, when they’re in the middle of a cyber attack.
The quicker your organisation can detect and respond to a security incident, the less likely it’ll have a serious impact on your data, customer trust, reputation and possible loss of income.
How can you prepare for a cyber attack?
The first thing to do is create an incident response plan.
The next is to sit down and test that plan using practical, think-it-through exercises. The HBR has found – through its work helping organisations of all sizes, from small and domestic to enterprise and international – that fire drills and table top exercises are a great way to prepare for the worst. Doing these exercises usually exposes something that wasn’t previously obvious, such as:
- Flaws in your plan
- Who to call
- Unexpected risks
- Impacts that are beyond business continuity
- The need to invest more in cyber security
Through practical exercises you should be able to establish what isn’t going to work, and then fix what needs fixing before it’s put in action.
The next thing to do is test your plan so that actions per person are clear in the event of a cyber emergency:
- Get your team together
- Sketch the scene of a likely cyber incident
- Create the scene, giving each team member a role in the recovery
- Discuss and agree on action plans
- Regularly test your backup and cyber security, and business continuity plan.
HBV reports that companies who carry out fire drills and table top exercises say they’re better prepared for a cyber attack and more cohesive as a team in the face of any kind of crisis.
Do you have proper data protection in place?
New all-in-one cyber security and backup product gives more peace of mind