The majority of organisations are concerned about cybercrime and being attacked and or held to ransom for their money and data. All commentators that cyber attacks will increase in 2017 with DDoS attacks amongst the most numerous. Few firms seem to be able to explain exactly what they would do if attacked. Who do you tell and how many do you tell? What happens next? Are you actually insured for when you have a cyber attack?
If you have got yourself organised you will have a Cyber Security Policy that clearly states what to do when a cyber attack actually happens or is suspected. Staff will already know who to tell and what procedures to follow. Much like an office fire drill, everyone will know where their muster point is and who the Fire Security Officer is.
A cyber attack should be managed in much the same way, insofar as a procedure will be followed, including contacting the Police, to whom your insurers will expect you to have reported. Different types of cyber attack will warrant their own response with ransomware denial of service attacks being one of the more shocking. Some firms just don’t believe it and ignore the warnings, only to find when they come to work the next day they are unable to access any of their data. What are you going to do?
Preparing for an attack will help manage a very stressful event effectively. Management and staff will be more responsive allowing your legal and financial advisers to respond more quickly. Training can be very useful in setting a standard, formed through the experiences and expertise of professional and possibly certified trainers. Whilst your IT department or person will know your network system’s technicalities, they are not always the best trainers.
Staff training is not a priority in every firm and is sometimes dismissed as ineffective. Whilst investing in better security software and equipment is usually seen as the answer, most cyber breaches are the direct result of human error. Being taught how to use and run your office network safely and to be smarter online can seem a little odd, but more firms are taking it seriously and reaping the benefits.
Adopting proven cyber security standards in your firm will keep it safer for the business, your clients and suppliers.