Nadia Veeran-Patel | Manager | Cyber Resilience | ContinuitySA | mail me |
Given current threat levels, all organisations should assume that they will experience some sort of cyber security incident sooner or later – probably sooner. Plan for the worst and, most important of all, know what to do when an incident occurs.
Understanding that a successful attack will be launched is the basis of a proactive approach to information-security and risk management.
Critical information assets, plans for mitigation and remediation, and response-and-recover measures need to be examined. In short, you need to make sure you have a plan, and know how to use it.
Malware
The statistics say it all. The SiteLock 2019 Website Security Report indicates that while hacks have become harder to detect, the number increased by 59% in 2018.
The report makes it clear that small businesses are as much targets as larger corporates – virtually all businesses have websites nowadays, and 17.6 million websites have malware at any given time.
The numbers of people affected by site hacks are mind boggling – just one example is that 147.9 million consumers were affected by the Equifax breach in 2017. Seventy percent of organisations say that they believe their security risk increased significantly in 2017.
However, it is critical to look at cyber security holistically. After all, while plenty of attacks do indeed arrive via the internet, they can also show up at the front desk with a USB-drive, or peer over your shoulder in busy coffee shop.
Organisations need to conduct a proper risk assessment and then develop a road map matched to their cyber security strategy – you need to know where you are going and how to get there. It’s also important to get guidance on the tools necessary to address any gaps and minimise the risks identified.
Resilience measures
Once an attack has happened, it’s important to take the time to evaluate the short-term, medium-term and long-term impacts. These will vary, but one basic business resilience measure that will reduce the impact of threats is reliable, consistent and easily accessible backups.
Partnering with a reputable business continuity partner will ensure that backups are expertly maintained and cloud hosting will ensure they are always available.
In summary, the following best practices should be followed:
- Plan for the worst, and ensure you identify your risks and mitigation strategies upfront.
- Make sure you have a reliable backup process in place, with a clear understanding of what your information assets are, how often they should be backed up and how quickly each one needs to be recovered. These decisions need to be made by the business in conjunction with the IT department, never just the latter.
- Identify owners of information assets across the business and ensure that they are part of the risk-management process.
- One final point is that cyber security is ultimately a function of corporate culture. Everybody in the organisation needs to understand the risks, and the role they can play in making the organisation secure. For example, people working in public spaces are especially vulnerable, and visitors to the office can abstract vital information from unattended desks.
In conclusion
Cyber security is everyone’s responsibility. Knowledge and awareness are probably the most important pillars of a successful defence strategy.
Regular security awareness training that emphasises what the threats are, how they change (and updates on new methods) and the impacts threats can have. Interactive staff workshops have proven very successful, they promote sharing and management of expectations.