“Within the next 2 years, your organisation will be hacked. The key is how you respond – this is even more important than risk management”. This is the opinion of IBM Security’s senior technical leader Mike Spradbery.
Response is critical
Speaking at a Cyber Security Conference, Spradbery explained the importance of “responding well”, as this will have an enormous impact on your ability to contain and manage the risk. With the 72-hour breach notification deadline from GDPR in place, it is simply not an option to sit on the knowledge of a breach and decide later how you will respond. Instead, you must decide what you are going to do quickly and effectively.
The answer really depends on your organisation’s priorities. What’s the main outcome you need in this crisis? Do you need to minimise the amount of data that is stolen? Do you need to limit the financial impact? Or do you wish to gather evidence on the breach? If you haven’t worked out what is most important, you cannot determine how to respond. Once you have decided on the priority, you have the following steps to get through:
Planning your next moves to achieve your preferred outcome.
Identifying the biggest risk the breach poses.
In medical organisations like the NHS, the biggest risk is the loss of life. For the majority of other organisations, the risk is primarily financial. In military terms, a cyber attack is a ‘Boom’ moment – an improvised explosive device has detonated, and all you can do is work out what to do in the aftermath. The better approach is to have already determined what your response will be before the ‘Boom’ happens.
Planning the timeline
Think of the topics, actions and considerations before and after the Boom. The stuff before the Boom is relatively straightforward – primarily bolstering your defences and hoping to protect against the attack. The stuff after the Boom is everything that we hope never happens, and it can be difficult to prepare for it.
You need to think about having people with the right skills for this eventuality. You need to keep up with the ever-growing complexity of cyber attacks. Investing in cybersecurity is essential for all organisations, and SMEs are no exception.
A holistic approach
It’s about more than technology. It’s about skills and expertise. At Cyber Smart, we work on the framework of Cyber Essentials and Cyber Essentials Plus, as laid out in the standards of IASME. We can help you achieve certification that will make you fully Cyber Essentials and GDPR compliant, and equip you with the tools and knowledge to protect against cyber attacks and to respond appropriately when they occur. Get in touch with us today and we’ll answer your questions and set you on the path to optimal cybersecurity at your organisation.