Responding to Cyber Incidents
The overwhelming majority of organizations now depend upon online services to support their business and this exposes them to cyber security risks. While most have security protection technologies in place few have a plan for how they would respond to a cyber incident. Today, the question is not if your organization will suffer a cyber incident but when - and this makes it essential to have a plan.
1 Executive Summary
According to a UK Government survey - “Over four in ten businesses (43%) and two in ten charities (19%) experienced a cyber security breach or attack in the last 12 months.” - however, “While 90% of businesses had preventative security technologies like firewalls, anti-malware and security patching tools in place, only 27% had a formal cyber incident response plan.”
Cyber criminals work together to attack organizations using ransomware, social engineering other sophisticated cyber tools to steal intellectual property and personal data, to blackmail organizations as well as to fraudulently obtain money and payments.
While it is important to spend on prevention, it is also vital to prepare for an incident. When a cyber incident or data breach occurs, you need a plan for what to do.
Not having an incident response plan can lead to:
- Increasing the risk to your customers and business by failing to promptly identify what has happened at what data is affected. Your customers inundating your help desk with calls.
- Financial penalties for failing to properly manage the incident. Loss of revenue, customers as well as reputational damage. The cost of the data breach that affected the UK telecommunications company TalkTalk in 2015 cost £77M.
- Confusion and poor communication with your staff not knowing what to do. Extra costs for outside help to collect forensic evidence, eliminating malware and recovering your systems.
- Your CEO being confronted by TV News when arriving at the organization’s headquarter.
You should act now to test your organization’s cyber incident response plan if you have one or to create one if you haven’t.