Recent events in the news as well as trends in my own work have reminded me of how important it is for business continuity professionals to help protect their organizations against the impact of cyberattacks. In today’s post, I’ll list some ways BC teams can help their companies fend off this rising threat.
Related on MHA Consulting: Weighing the Danger: The Continuing Value of the Threat and Risk Assessment
CYBERATTACKS IN THE NEWS
The news this week contained stories reporting a serious recent malware attack against the City of Albany, New York. Attacks of this kind (ransomware) are a form of computer extortion, in which hackers encrypt an organization’s data and refuse to provide the decryption key unless a ransom is paid.
One of the most concerning aspects of the story was that hackers reportedly obtained the personal banking data of some city employees and used it to raid those employees’ bank accounts.
This reminded me of how important it is for BC professionals to help their organizations fend off and recover from cyberattacks.
AN EXPENSIVE PROBLEM
The costs of cyber events vary but can be extremely high. They depend on the size of the organization and the type of data affected. The president’s Council of Economic Advisers recently published a study titled “The Cost of Malicious Cyber Activity to the U.S. Economy.” The study estimated that in 2016, the damage to the U.S. economy caused by cyberattacks was between $57 billion and $109 billion. The cost of such attacks to individual companies can be as high as $500 million.
Organizations must make planning for and preventing data breaches an ongoing activity.
How can BC professionals help their organizations defend against and recover from cyberattacks? They can and should help their organizations in the following ways.
OBTAINING CYBER INSURANCE
The BC team should help their organization obtain the appropriate types and levels of cyber insurance. In the present climate, every organization should have cyber insurance.
The only issue is determining what types of cyber insurance you should buy and at what coverage amounts.
In engaging an insurer, you will likely also acquire a well-informed and highly motivated partner who can help you improve your cyber defenses. Your Risk or IT department may already have contacts. Don’t reinvent the wheel here: let the experts in your organization do the work, but help as needed.
In obtaining cyber insurance, you should assess the level of protection you need for the following potential risks and losses:
- Theft and fraud. Covers the destruction or loss of data.
- Forensic investigation. Covers the legal, technical, and forensic services surrounding an event, including remediation.
- Business interruption. Covers lost income and related costs during or as a result of the event.
- Reputation insurance. Covers the impact of the event on your brand and reputation.
- Computer data loss and restoration. Covers costs associated with the restoration of hardware or data.
WRITING A RESPONSE PLAN
The BC office should help the organization devise a plan for responding to cyberattacks. This plan is separate from your other response plans. It can be part of your emergency response plan, but it should at a minimum be a separate section with its own specific steps.
The cyberattack response plan should reflect the organization’s thinking on the following matters:
- Whether you can afford to shut down your online presence, online commerce, and online access. If so, then for how long?
- Are there portions of your systems that can be shut down, still allowing critical or limited access?
- Have you determined a decision point for shutting down access?
- Do you have a plan for communications during the event? The plan should address communication specific to a cyber event – which will be different from other outage events – across the following nodes:
  - Internally, among the staff of the enterprise
  - Social media (Facebook, Twitter, etc.)
  - General media (news outlets, television)
REACHING OUT TO THE IT DEPARTMENT
The BC planner should connect with the IT department and verify with them what technology solutions are in place to limit the risk of a cyber event.
GETTING THE RIGHT TRAINING
Finally, the BC office should ensure there is appropriate and robust training to prevent and deal with cyberattacks. This is known as Security Education, Training, and Awareness (SETA). To be effective, this training must be constant and ongoing. The good news is that it can be done in-house: the IT team most likely has the knowledge to provide the necessary content, with help from the communications team for development. If not, content can be provided by multiple vendors quite inexpensively. What’s more, training is the first line of defense. Most cyberattacks are enabled by the actions of an uninformed or careless employee, such as replying to a phishing email or clicking on a malicious link.
A GOOD PLACE TO BEGIN
In the current environment, it is likely not a matter of if your organization will be targeted by a cyberattack, but when.
As a BC professional, you have the opportunity as well as the responsibility to help your organization prepare to prevent and fend off such attacks, and to swiftly recover from a successful attack.
The areas described above amount collectively to an excellent place for you to start, as you set about this important work.
For more information on this and other hot topics in Business Continuity and IT/Disaster Recovery, check out these recent posts from MHA Consulting and BCMMETRICS:
- Exercise Smarter: Include 3rd Party Experts In Your Cyber Exercises
- Ignoring Cyber Security Warnings: Disrupting the Norm
- Weighing the Danger: The Continuing Value of the Threat and Risk Assessment
- Cyber Security Planning
- Hanging Tough: The Mental Game in Business Continuity
- 1 Program, 6 Plans: The Half Dozen Plans Every BCM Program Should Have