Cyber-attacks, managed like any other crisis

  • July 11, 2017
  • Crisis Management

By Karen Stephens, Director Kestrel Group

Cyber-attacks are on the rise but crisis management teams should treat them like any other type of crisis. The right tools and training will have your crisis management team managing cyber-threats, and any other type of crisis, calmly and effectively.

Recent cyber events have highlighted that despite best efforts, companies still have weaknesses and remain vulnerable.  Even with the best IT security in place, the actions of individuals make organisations open to cyber-attack.

It’s no longer enough to have all the right systems, like firewalls and antivirus protection, in place because hackers are always out there trying to compromise these.  It’s just what they do, and so we will continue to see events like Wannacry and Petya occurring, and on a more frequent basis.

While companies still need to invest and make sure their IT security is maintained, they need to be aware that there is always the potential for new cyber threats to be released that aren’t yet covered by current security systems.

These cyber events have highlighted the need for companies to make sure that they have very good processes in place. That way when a cyber threat is identified the management team can implement a response and the company can continue to operate and to recover as soon as possible.

Following a cyber-attack, the time it takes to recover your systems may be beyond what’s acceptable for your business recovery purposes.  It’s going to take time to diagnose and write the patch to cover the latest vulnerability that was exploited, and this may take a lot longer than is tolerable for your organisation to be off line. You also may not have access to any crisis management and business continuity plans developed for such an event as they are trapped on your internal systems.

Management teams need to take ownership of cyber risk and not assume it is just the IT department’s problem, because when an attack happens it’s the business and customers that are affected.

Understanding the way your business needs to respond to any crisis is essential, and the fast-changing situations arising from a cyber event require quick decisions. Running an exercise to understand the impact on your business of a cyber outage will provide your management team with the understanding of the impact, and how to manage that, with limited or no access to computer systems.