It’s Business Continuity Awareness Week – Why communication is vital during a cyberattack
15-19th May, 2017 is Business Continuity Week! The annual Business Continuity Awareness Week (#BCAW2017) takes place this week. This year’s theme is cyber security and assisting business continuity professionals during cyberattacks or data breaches. Everbridge’s mission is to improve communication in the midst of a crisis – whether it be a threat to public safety or a cyber-attack. According to Cisco’s 2017 Annual Cybersecurity Report more than one third of the organizations that experienced a cyber breach in 2016 reported a loss of customers, business opportunities and revenue. The 2017 SonicWall Annual Threat Report reported an increase from 3.8 million ransomware attacks in 2015 to 638 million in 2016. In March 2016 alone, ransomware attack attempts rose from 282,000 to 30 million. Indeed the BCI Horizon Scan Report in 2016 showed that for the second year running it was cyber attack that was the number one threat, with data breaches moving up to second. To limit the damage of a cyber attack, it is important that business continuity professionals consider the following questions:
- What threats could impact your organization?
Companies should understand the type of threat the organization could experience and the impact it could have. For example, it could result in loss of services or data. The solution will differ depending on the threat.
- Do you have a response plan?
Cyber-attacks often happen out of office hours. An IT incident response plan must be in place to combat an attack even if it happens at 5am. An efficient response plan will include methods of communication for specific stakeholders.
- Who needs to be included in an IT incident response plan?
- IT Security: is likely to fix the issue. If an organization does not have a dedicated security team, employees must be assigned to deal with a security crisis when it occurs.
- Incident Team: who is going to co-ordinate the response? Who should be contacted following a breach and how are you going to reach them? Define an escalation point.
- Legal-counsel: if, for example, customer credit card details are stolen, legal support may be necessary.
Power of cloud-based communications platforms Most organizations rely on internal email to communicate in the event of a crisis, despite the fact that a cyber-attack might impact the email network. In doing so, organizations are exacerbating the issue and potentially providing hackers with critical company information. Cloud-based critical communications platforms operate entirely independent of an internal communications network. Organizations can ensure that the bilateral lines of communication between management and staff remain open. By using cloud technology to automate the time-intensive emergency cascade process, resources can be deployed far more effectively and efficiently than before, ensuring that the safety of everyone involved is better protected. In doing so, communications technologies can not only help protect business assets but save the lives of employees. In an emergency, organizations cannot waste time searching spread sheets and schedules to manually notify employees. With cyber-attacks in the UK costing businesses an average of £4.1 million and taking 31 days to resolve, it is more important than ever that business continuity professionals review their response plans to ensure timely responses. During Business Continuity Awareness Week the focus is on Cyber Resilience and we’re hosting 2 live webinars which are free to join from across the globe. Both sessions will be available OnDemand via the Bright Talk Channel:
- May 17th 3:30pm BST Critical Communications for the Life-cycle of a Cyberattack register here
- May 18th 2:00pm BST Carry your Cyber Response Plans in your Pocket register here
It’s now a question of when not if your organization will be affected by a cyber-attack – so act now to ensure you are prepared for an effective response. Download your cyber security preparedness kit here.