Cyber Resilience: How to Create a Strong Plan

Whilst we live in a technology-centric society, it’s unfortunate that we can never be 100% immune from a cyber-attack. We can, however, be prepared to deal with attacks when they happen. A solid cyber resilience plan can vastly reduce the impact an attack has on your business and your customers.

Over the years, an ever-increasing number of businesses have been investing time in preparing strong and effective plans to deal with cybercrime, as well as implementing strong cyber security systems.


Cyber Security vs Cyber Resilience  

Cyber security acts as the wall that protects your system from hackers, but what is cyber resilience? Cyber resilience is the plan you implement when something gets around that wall.  

The most important thing to remember when thinking about your cyber security and cyber resilience plans is that it should not be a case of picking which one to focus on: both are equally important. Having security in place does not guarantee a bulletproof system.

The Importance and Benefits of a Cyber Resilience Plan  

Despite having cyber security protections in place, you need to assume that your business will be the target of a cyber-attack, which is why cyber resilience strategies have grown in popularity over the last few years.

Creating and implementing an effective action plan will provide numerous advantages to your organisation:  

Integrity  

Having little to no cyber resilience plan can prove detrimental to your business and its integrity. With no solid blueprint in place, there is no telling the extent to which cyber criminals can affect your business and valued customers.  

A solid plan protects organisations from public criticism, loss of revenue, administrative fines or, even worse, the loss of the business itself.

Law

Ensuring your organisation complies with the legal frameworks and requirements that exist to protect businesses and the public is a valuable part of your resilience action plan. Two of the most important legal structures to abide by are the Network and Information Systems Directive (NIS) and the General Data Protection Regulation (GDPR).

NIS requires organisations to take reasonable steps to protect their systems and to inform the relevant national authority of any serious incidents. GDPR is in place to protect citizens’ data privacy and to restructure and reinforce the way organisations handle personal data.

Enhancing System Protections

Building a solid resilience plan also provides essential cyber security protection. Advantages include building a solid IT governance strategy, enhancing safety and security around your sensitive and valuable assets, strengthening your data protection efforts and mitigating the impact of natural disasters.

Trust

Building a strong resilience plan has numerous advantages for your clients and vendors too. Following your plan ensures that their sensitive data is stored appropriately, which in turn lays the strong foundations of trust on which professional relationships are built.

Having clients and vendors that trust you to manage their data appropriately will also provide your organisation with a strong reputation.  

Improving Work Culture

Creating a culture in your organisation that strives for total data protection will vastly reduce the likelihood of sensitive (and potentially confidential) information falling into the wrong hands.

Reducing Losses 

As painful as it may be, no company is immune to a cyber-attack, regardless of how strong their cyber security is. Estimates say that SMEs can lose around £100,000 as a direct result of a data breach, and that figure rises to around £1 million for large corporations.  

A successful security breach of your own organisation can also harm other organisations in the same or similar industries, as public trust is likely to fall. It is also possible that organisations within your supply chain are damaged by an attack on you, because they share sensitive data and systems with you.

With a cyber resilience plan in place, however, the overall impact the attack has on your company is reduced, including, but not limited to, financial loss.

The Step-By-Step to Creating a Cyber Resilience Plan

Preparing for and expecting an attack is one of the most crucial steps you can take to protect yourself, your organisation and your clients. These cyber resilience tips will help you build a stronger cyber resilience plan.

Step 1: How to Prepare for a Cyber Attack 

One of the first steps you need to take when creating a cyber resilience plan is to identify the electronic information that is crucial to the operation of your organisation. This includes items such as contact details, emails, calendars and important or confidential documents. Find out where this information is stored, then take steps to make backup copies daily or weekly (on an external hard drive, for example), and regularly test that the backup is in working order by confirming the information can be restored from it. It’s worth nominating a second or third person to be in charge of backing up these documents when the first isn’t available.
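The advice above to back up crucial files and then test that the backup actually restores can be turned into a routine check. The following is an added example (not code from the original page or from the NCRCG) that records a SHA-256 manifest at backup time, restores the archive into a scratch directory and compares every file against the manifest, so an incomplete or corrupted backup is caught before it is needed; the sample files are constructed inline and the archive format and paths are assumptions.

```python
import hashlib, tarfile, tempfile
from pathlib import Path

def file_hashes(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def make_backup(source_dir, archive_path):
    """Archive source_dir and return the hash manifest recorded at backup time."""
    manifest = file_hashes(source_dir)
    with tarfile.open(str(archive_path), "w:gz") as tar:
        tar.add(str(source_dir), arcname="data")
    return manifest

def verify_backup(archive_path, manifest):
    """Restore into a scratch directory and compare every file with the manifest.
    Returns (ok, problems): a backup that does not restore exactly has failed."""
    problems = []
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(str(archive_path), "r:gz") as tar:
            kw = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
            tar.extractall(scratch, **kw)  # 'data' filter blocks path traversal where supported
        restored = file_hashes(Path(scratch) / "data")
    for name, digest in manifest.items():
        if name not in restored:
            problems.append(f"missing after restore: {name}")
        elif restored[name] != digest:
            problems.append(f"content differs after restore: {name}")
    for name in restored:
        if name not in manifest:
            problems.append(f"unexpected file in backup: {name}")
    return (not problems, problems)

def demo():
    """Constructed sample: back up a small tree, verify it, then catch a later
    backup that silently lost a file."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work) / "crucial"
        (src / "contacts").mkdir(parents=True)
        (src / "contacts" / "stakeholders.csv").write_text("name,role\nA,bank\n")
        (src / "policy.txt").write_text("incident plan v1\n")
        manifest = make_backup(src, Path(work) / "backup.tar.gz")
        ok_good, _ = verify_backup(Path(work) / "backup.tar.gz", manifest)
        (src / "policy.txt").unlink()  # simulate a file lost before the next backup run
        make_backup(src, Path(work) / "backup-incomplete.tar.gz")
        ok_bad, problems = verify_backup(Path(work) / "backup-incomplete.tar.gz", manifest)
    return ok_good, ok_bad, problems
```

Keep the manifest separate from the archive (for example with the contact list from the next paragraphs), otherwise a backup that was corrupted in storage could carry corrupted hashes with it.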

Think about what you can do to minimise reputational damage. Which key stakeholders would it be imperative to inform about an attack on your organisation? Building strong and trustworthy relationships with these people will make things a lot smoother should an incident occur.

Creating a list of the key stakeholders you would need to contact for different types of incident ensures every appropriate person is made aware. Has payment data been compromised or stolen? Customers and banks need to know, and the Information Commissioner’s Office (ICO) also needs to be made aware. Corporate accounts attacked? Suppliers should be contacted in this case.

Do you also have the most up-to-date contact information, not only for the people above, but for those you would need to contact to help identify an attack? Your web hosting provider, IT support and cloud services provider, for example. Ensure your contract explicitly details to what extent they can assist you and at what point you should be contacting them. It’s also important to check these contact details every couple of months so that they remain up to date.

Providing effective staff training is also an extremely important step towards a strong resilience plan. Try creating a bank of potential incidents and test staff on how they would react to each. This is a great way to create initial plans before testing your staff, and it also gives you the opportunity to develop and evolve the plans once the training takes place and more people are able to offer their expertise and ideas.

Regional Cyber Resilience Centres (CRCs) have been established up and down the United Kingdom to provide invaluable information about how you can prepare for a cyber-attack and build a strong cyber resilience plan. Find your nearest Cyber Resilience Centre here.

Step 2: Identify What Type of Breach You Have Suffered 

When it comes to dealing with a cyber-attack, the first thing you need to do is identify that one has taken place or is still ongoing. 

Are your computers running on the slow side? Are people mysteriously locked out of their accounts or unable to access documents? You may see a frightening message demanding a ransom for the release of your files, or customers may contact you to say they are receiving strange emails from your domain. Are your internet searches being redirected, or are you seeing requests for unauthorised payments? All of these are signs of a cyber-attack, and you should take immediate action to find out what has happened.

10 Crucial Questions You Need to Ask Yourself 

  1. What problem has been reported and by whom?
  2. What services, programs and/or hardware aren’t working?
  3. Are there any signs that data has been lost? You may have received a ransom request and/or noticed your data has been posted on the internet.
  4. What information (if any) has been disclosed to unauthorised parties, deleted or corrupted?
  5. Have your customers noticed any problems? Can they use your services?
  6. Who designed the affected system and who maintains it?
  7. When did the problem occur or first come to your attention?
  8. What is the scope of the problem and which areas of the organisation are affected?
  9. Are there any signs as to whether the problem originated internally within your organisation or externally through your supply chain?
  10. What is the potential business impact of the incident?

Step 3: Resolve the Incident 

Do you manage your IT internally? Now is the time to action the incident plan you created in Step 1. Depending on the nature of the incident, you may want to replace infected hardware, restore services from backups, patch software, clean infected machines and/or change passwords.

Is your IT managed externally? Get in contact with your provider immediately: they are there to help you, fix the problem and confirm the impact the attack has had on your organisation.

Step 4: Reporting to Wider Stakeholders 

Once an incident has been resolved, you will more than likely be required to formally report to internal and external stakeholders. Legally, there are certain instances in which you are required to report to the Information Commissioner’s Office (ICO), even if your IT is managed externally.

It’s important to remember that a cyber-attack is a crime and should always be reported to law enforcement. This is strongly encouraged because many attacks go unreported, mainly due to personal and professional embarrassment, yet reporting an incident may reveal that a similar attack has taken place on someone else. The more attacks that are reported, the more likely it is that the perpetrators will be prosecuted accordingly.

It’s important to keep staff and customers informed and updated about anything that might affect them, most notably if their personal data has been breached. You may also want to consider seeking legal advice if the attack has had a significant impact on your business and/or customers.

Step 5: Learn From the Attack 

After the attack has been resolved, take the opportunity to review the strengths and weaknesses of your response. Make a list of things that went well and things that can be improved. Build these into your staff training to ensure everyone is up to date with your new strategies.

How Can the NCRCG Help? 

Offering assistance to those with internal IT teams, and those seeking to outsource their IT, the 9 regional Cyber Resilience Centres we support are here to help businesses and organisations throughout the country.  

Contact us today to find out how we can help you strengthen your security systems and your plans for cyber resilience.