We want to prevent phishing attacks

[Everybody knows it instinctively: preventing a data breach is a good idea. The amount of effort that goes into clearing up a data leak is extraordinary and best avoided. So, we spend time regularly reviewing our systems and testing our responses, right?

If only. Our research tells us that in the first six months of 2018, there were almost a thousand declared data breaches resulting in the loss of over 4 billion individual records. These are across email, web and other digital access points.

You’re right to be thinking of prevention rather than cure as you avoid being the next name on this growing list. Being prepared is key, as many organisations don’t survive a cyber attack.

Is a cybersecurity exercise the right thing for our organisation?

We regularly get asked questions like:

  • Why should we run a cybersecurity exercise?
  • How do we dry run a cyber attack?
  • How do we prepare for a cybersecurity breach?
  • What are the benefits of running a cyber crisis scenario with our leadership team?

We believe that these exercises, combined with the best products, will make sure that you are ready for a cybersecurity breach when it happens.

How do we get people to understand that we need to run a cybersecurity exercise?

You have some systems in place, but they need dusting down. You should test them regularly to make sure that you can spot where the stress points are going to be for your organisation. A cyber attack exercise is a great opportunity to do this.

The CTO, Head of Comms, GC or compliance needs to convince the CEO that spending a day dry-running scenarios is going to be a short-term sacrifice that will pay off in the medium term. If your CEO is already convinced of this need, then that’s a great start.

The day needs to be run by an external agency so that everyone can get feedback on their performance. The more independent this part of the process, the better.

How do we make a success of the day?

You need to make sure that three things work without snag for the day to be a success:

  • People;
  • Process; and
  • Technology

It’s highly unlikely that your day will play out snag-free, because even if you run these scenarios again and again, times move on, people change roles or don’t quite play their role correctly, or the right technology isn’t deployed to counter the threat. But here’s the main point: you’re running the day to learn from the exercise and to test your systems against real-life but stretching scenarios. Your systems will fall short, but that gap will allow you to improve how you tackle it in real life.

Over the course of the day, you’ll stretch your governance systems to the max, bring out any differences of opinion and spot the grey areas where roles and responsibilities (or rather expectations of them) do or do not overlap.

Lessons learned

In our experience, the biggest learnings from a day like this are these:

First – you’ll often need to update your tech and processes;

Second – you’ll probably need to look at governance and some specific skills training for your leaders, and possibly iron out some of the roles and responsibilities issues; and

Third – the scenarios won’t be real enough that you can just deploy them when a cyber attack occurs. But what you will be able to do is manage the differences – to tweak and improve the process to take account of the precise nuance of the scenario you’re in. Don’t underestimate quite how much time, energy, sweat and tears you’ll save by doing that.

Some questions to ask yourself

Are you obliged to run these exercises? Some organisations are under a legal or regulatory duty to do so.

Who should take part in the exercises? Getting this right is going to be essential if and when it happens in real life.

What are the main barriers to a successful cyber attack response? Your organisation will have its own points of difference, but broadly, in our experience, they will fall into:

  1. Process: Governance and areas of responsibility;
  2. Technology: Either inappropriately used or the wrong tech is deployed; and
  3. People: training, adherence to procedures, and understanding of how to escalate.

Next steps

At Trustify, we help people make the right decisions about the cybersecurity for their organisations every day of the year. If you’d like us to help you make the right choices, then please [get in touch].]

[Questionnaire:

Do you already have a secure email service in place?

What do you use for your underlying email system?

How many employees?

Do you use BYOD?

Do you issue mobile devices at work?

Then on to recommendations and pricing]

For SMEs

We provide products for start-ups and smaller accountants, insurers and retailers, medium-sized law firms and financial services companies, for schools and biotechs.

For Enterprises

We’re trusted to solve cyber-security for major organisations across the public, insurance, financial services, legal, pharmaceutical and accountancy sectors.