[BreachExchange] With cyber attacks on the rise, business continuity plans are more vital than ever

Audrey McNeil audrey at riskbasedsecurity.com
Mon May 1 18:57:35 EDT 2017


With more and more UK businesses falling victim to cyberattacks each year,
it’s no secret that many firms still have a lot to do when it comes to
cybersecurity. The problem is that an attack of this nature can create
total chaos for businesses of all sizes, so when these incidents do occur,
it’s vital that firms respond very quickly and with as little disruption as

Oxford Economics has reported that companies’ share prices fall by an
average of 1.8 percent following a cyberattack. As a result, it’s essential
that firms have the plans and resources they need to battle cybercrime
effectively – and also to recover from an attack very quickly.

In this regard, improving technology is actually the last piece of the
cybersecurity puzzle - the real work comes in undertaking risk assessments
and understanding what the potential risks to a firm’s assets are.
Regardless of how or when a cybersecurity strategy has been implemented, it
is therefore imperative that the senior management within a firm takes
responsibility for its security.

Of course, management will not be able to protect the business on its own.
In order to keep these cyber threats at bay – and show that the company is
ready to deal with the consequences if its defences are in fact breached –
firms will need to have relevant safeguards in place, ensure that their
employees are well trained, and commit to reviewing their cybersecurity
plans on a regular basis.

Prevention is vital

When it comes to designing a robust security strategy, businesses are now
facing pressure from multiple angles. Not only are there increasing
regulatory burdens to contend with, but from a technical aspect, firms are
also under continual pressure to modernise their systems to ensure that
their data is kept highly secure, yet instantly available for review and

A good starting point for firms looking to make improvements in this area
would be the ISO 27001 standard. ISO 27001 is a recognised industry
benchmark for managing IT security, which helps firms to manage their IT
security by reviewing, assigning controls to and monitoring a number of key
processes. Implementing this standard is a great first step towards
determining what controls could be used to prevent cyberattacks and also to
improve a firm’s information security more generally.

Businesses should also consider creating an Information Classification
Policy (ICP) to ensure that any sensitive information is handled
appropriately from the outset. Using this model, firms can assign a risk
level to any sensitive information so that they can clearly set out the
methods and appropriate resources for handling this data, as well as any
encryption, storage or transition requirements.

It’s also crucial that firms regularly update their business software,
especially if they hold large amounts of data. Working with outdated
applications can leave gaps for cybercriminals to attack, as they won’t be
as secure as some of the newer versions available to businesses. The same
is true for anti-virus software and firewalls. These security essentials
may have been around for a while now, but there is a reason for that: they
still play an important role in keeping firms safe from an attack.

Tools like these can go some way towards boosting security, but they are
still not enough; employees will also need to be educated on how to spot,
block and report suspicious activity to prevent cybercriminals from
accessing an organisation’s network. Employees should be taught to be on
the alert for any suspicious activity at all times. Hosting regular
seminars and workshops to raise awareness of internal threats is also
vital, as employees must be able to recognise any red flags and understand
exactly how and when to inform senior management about a possible breach,
whether it is internal or external.

Decreasing the damage

Even with the best will in the world, cybercrime will continue to impact
businesses across the globe. As such, preventing a security breach is only
half the story: businesses also need to consider how they will recover in
the event of a cyberattack.

Cybersecurity and business continuity are actually two sides of the same
coin; by working in tandem, these strategies can help to mitigate both the
cost and impact of data breaches, as a strong business continuity plan will
enable firms to take immediate action if their IT system has been
compromised. When creating a business continuity plan, businesses should
therefore consider three key elements: resilience, recovery and response.

To guarantee resilience in the face of an attack, firms will first need to
ensure that their critical business functions will be largely unaffected by
such an intrusion. Arrangements also need to be put in place to recover
data and restore less critical business functions as quickly as possible.
Lastly and most importantly, firms will need to ensure that their employees
are ready and able to cope effectively with an unexpected attack.

All businesses need to have a robust cybersecurity plan in place to prevent
attacks and protect their data and systems, but it’s also important to have
a strategy in place to respond to a breach. Failing to take these
precautions can have an enormous impact on the business, not only
financially, but also in terms of its reputation. As such, businesses not
only need to create strategies that will help thwart an attack, but also be
prepared to deal with the fall-out in case the worst should happen.