Given current threat levels, all organisations should assume that they will experience some sort of cybersecurity incident sooner or later – probably sooner.
This is according to Nadia Veeran-Patel, manager: cyber resilience at ContinuitySA, who says: “Plan for the worst and, most important of all, know what to do when an incident occurs. Understanding that a successful attack will be launched is the basis of a proactive approach to information-security and risk management,” she advises.
“Our Cyber Resilience service examines critical information assets, plans for mitigation and remediation, and response-and-recover measures. In short, we make sure you have a plan, and know how to use it.”
The statistics say it all. The SiteLock 2019 Website Security Report indicates that while hacks have become harder to detect, the number increased by 59% in 2018. The Report makes it clear that small businesses are as much targets as larger corporates—virtually all businesses have websites nowadays, and 17.6 million websites have malware at any given time.
The numbers of people affected by site hacks are mindboggling—just one example is that 147.9 million consumers were affected by the Equifax breach in 2017. Seventy percent of organisations say that they believe their security risk increased significantly in 2017.
However, says Veeran-Patel, it’s critical to look at cybersecurity holistically. “After all, while plenty of attacks do indeed arrive via the Internet, they can also show up at the front desk with a USB-drive, or peer over your shoulder in busy coffee shop,” she notes.
“Organisations need to conduct a proper risk assessment and then develop a road map matched to their cybersecurity strategy—you need to know where you are going and how to get there. It’s also important to get guidance on the tools necessary to address any gaps and minimise the risks identified.”
Once an attack has happened, it’s important to take the time to evaluate the short-, medium- and long-term impacts. These will vary, but one basic business resilience measure that will reduce the impact of threats is reliable, consistent and easily accessible backups. Partnering with a reputable business continuity partner will ensure that backups are expertly maintained and cloud hosting will ensure they are always available.
In summary, Veeran-Patel says that the following best practices should be followed:
- Plan for the worst, and ensure you identify your risks and mitigation strategies upfront.
- Make sure you have a reliable backup process in place, with a clear understanding of what your information assets are, how often they should be backed up and how quickly each one needs to be recovered. These decisions need to be made by the business in conjunction with the IT department, never just the latter.
- Identify owners of information assets across the business and ensure that they are part of the risk-management process.
- One final point is that cybersecurity is ultimately a function of corporate culture. Everybody in the organisation needs to understand the risks, and the role they can play in making the organisation secure. For example, people working in public spaces are especially vulnerable, and visitors to the office can abstract vital information from unattended desks.
“Cybersecurity is everyone’s responsibility. Knowledge and awareness are probably the most important pillars of a successful defence strategy,” she concludes. “Regular security awareness training that emphasises what the threats are, how they change (and updates on new methods) and the impacts threats can have. Interactive staff workshops have proven very successful, they promote sharing and management of expectations.”