As the relationships between businesses and customers move increasingly online, last week’s denial-of-service attack on HSBC was a stark reminder of how dangerous cyber attacks have become. ICT continuity has quickly risen to become a top business and policy priority, and is essential to safeguarding organisational survival.
Most organisations, regardless of size or sector, are dependent on their ICT infrastructure to deliver products and services. Any disruption can negatively impact operational capability, and by extension, do damage to reputation, profitability and even potential for future growth.
Recent reports suggest that defending against, and recovering from, online attacks costs Britain about £27 billion a year, with one London business alone losing £800 million in a single incident.
The statistics paint a worrying picture:
- 59% of us have been affected by a cyber attack either at home or work
- 27% of businesses have been affected by a system attack 4 or more times in the last year
- An average of 400,000 users are affected for every major incident involving mobile phone networks
- An incident caused by a malicious attack lasts for an average of 31 hours, and the knock-on effects can last for months
Despite the growing complexity and severity of online threats, there are steps you can take to remain operational or return to normality quickly following a cyber attack.
- Evaluate your threat landscape – where are your weak spots? These can cover the physical as well as the technical environment of your systems and the people who manage them.
- Ensure that the board remains engaged with cyber risk
- Train all staff in cyber security measures and raise awareness of the threats – both general and role-specific
- Create an incident management plan and disaster recovery capabilities
- Rehearse your response to a cyber attack through regular scenario-based exercises and simulations
- ‘Get Safe Online Week’ has information and tips on everything from business fraud to cloud computing via how to write a staff policy.
- GCHQ has released ‘10 Steps to Cyber Security’ for Executives with advice on managing cyber risks within corporate governance, scenarios and next steps.
- The USA’s Cyber Security Awareness Month, which is drawing to a close at the end of October, offers lots of useful resources and tips on staying safe online both personally and professionally.
- Learn how to thoroughly prepare your organisation for the threat of cyber attack, and rehearse its response, with Steelhenge.
- Verizon’s 2012 Data Breach Investigations Report details the threats and mitigations for cyber and information security.