Failure to prepare is preparing to fail. That adage rings true in so many facets of our lives – the words of my primary school teacher still ring through my head at the sight of them, but she was right enough. It’s a good way to stay ahead of the game in terms of cyber resilience.
Cyber incidents are continually evolving, with new varieties of attack taking the fore on a seemingly weekly basis. In the last year, we’ve seen major Distributed Denial of Service (DDoS) attacks from botnets made up of insecure Internet of Things devices rendering popular connected services including Twitter, Github, Spotify among others unavailable. There have been repeated outbreaks of ransomware on a colossal scale, with WannaCry and NotPetya wreaking havoc one after the other and costing various organisations across the globe huge sums through downtime and lost data, not to mention the potential healthcare implications after the NHS were among the organisations brought to a standstill.
With such a variety of attacks striking in succession, each bringing their own symptoms and issues, how can organisations best be prepared for the next big attack – which could be just around the corner?
The recently released FTSE 350 Cyber Governance Health Check Report 2017 shows that attitudes towards the problem of security are improving, but there is still work to be done. The report, commissioned by the UK Government, is now in its 4th year and takes a close look at how the UK’s top 350 companies are managing their cyber risk.
The 2017 report shows that 58% of Boards have a clear understanding of the potential impacts resulting from a loss of, or disruption to, key information or assets, and 54% of Boards view cyber risk as a top / group risk, when compared with all the risks faced by their company; both figures which rose from 49% in the 2015-16 survey, and a distinct improvement.
Alarmingly however 68% of Boards surveyed said they have still not received any training to deal with a cyber incident. Given the substantial threat to organisations cyber incidents represent and the increasing frequency with which attacks are disrupting businesses, something must be done.
Ready to Respond
Having capacity to respond to a cyber incident is not a luxury these days – it’s a requirement of doing business. The Cyber Governance Health Check shows that Boards have come around to understand this, but steps still need to be taken to prepare Boards and the organisation as a whole for the eventuality of a cyber incident.
Having used time, money and resources on building up your organisation’s defences to be hardened against cyber risk, it can be tough to come to terms with the fact that it is still possible that an attack could breach your security measures and cause undesirable – and potentially catastrophic – consequences for your organisation. The simple fact of the matter is that cyber breaches will happen and those that are unprepared to respond will suffer most when hit.
No matter what form the next big attack takes, having in place a practiced Incident Response plan that’s understood by staff at all levels of an organisation will seriously pay off should your organisation be impacted by a cyber-attack. Our suite of Cyber Incident Response services puts the power in your hands to respond to attacks as they unfold.
Our technical first responders can triage and contain breaches, while our IR Consultants can deal with the relevant authorities and regulators, as well as communicating with clients and potential victims if necessary. All of this frees you up to focus on your organisation and restoring normal operation.
You’ll also receive training with our cybersecurity experts so you know the steps to take should you have to initiate a cyber incident response.
There will be no klaxon announcing the arrival of a cyber-attack on your network or organisation; doors won’t be battered off their hinges and there won’t be a hacker in a hoody sitting at the desk next to you. Cyber Attacks generally work away as silently as possible – by the time they’re found it’s usually too late.
Implementing a managed detection solution means you can stop cyber-attacks in their tracks, no matter how discrete they may be. Our managed Security Information and Event Management (SIEM) and Security Operations Centre (SOC) combined service monitors your network and devices constantly for signs of unusual behaviour and Indicators of Compromise, ensuring you’re alerted of any threats impacting on your network. This facilitates a proactive response to compromises, minimising the potential impact to your organisation.