Cyber Security Tip of the Week #15 - Have a business resilience plan

Almost daily we read about the latest cyber crime. As a result I suspect many organisations believe that they are defenceless and put cyber crime to one side. Believing it will never happen to them or that there is nothing that they can do to stop it.

Most of what read about in the press are the major incidents. The huge companies with cyber crime incidents that effect hundreds of thousands if not millions of customers.

What we do not read about each day in the press are the small office fires, floods and break-ins that happy daily across the country daily. And yet no company would dream of not taking precautions to protect their office from these types of incident. The installation of good quality door locks, fire and burglar alarms is ubiquitous. Cyber crime is not an IT issues but a business issue and should be thought of in the same way that we protect our homes and offices. The 10 Steps To Cyber Security for Smaller Firm are the basic security locks for IT.

Solid defences are only part of the story. Once a cyber crime or data beach has occurred – and it will – then what happens? Do you have a business resiliency plan?

Plan to be resilient  

Creating a compressive plan is not a five minute job. It will take effort and consideration. Often making use of a range of people in an organisation who may have a particular understanding of one aspect of how your business operates.

I would suggest considering the following IT issues as a starting point for any business resilience plan:

  • Hardware failure of key IT equipment, servers, Wi-Fi or network switches
  • Loss of power
  • Fire or theft
  • Theft of equipment – this should be treated as data breach and trigger your client communication plan. In the future this should also trigger a report to the ICO.
  • Loss of connectivity – particular concern if you use a cloud based application. In the near future Making Tax Digital will also need to be considered.

Are staff able to work from home?

How will you alert or communicate with your clients?

Do you regularly test your backups?

Have you got a printed version of the business resilience plan at home?

How about your client connect information?

Do you know the name of a local plumber/electrician/IT supplier?

The more you think about the impact of a disaster the more detailed and useful the plan will become. A comprehensive plan will make any company more resilient when disaster strikes.

Treat cyber crime like any other business issue

Equal consideration should be given to cyber crime related events:

  • Ransomware – you can read about how to protect yourself from ransomware here.
  • Malware/virus – these may be detected at the time they become active or they may not be detected for weeks. Once detected steps need to be taken to identify what the malware did and how wide spread it is across an organisation. This will provide a picture of the scale of impact. Call in an outside IT provider as necessary.
  • Data breach – Loss or theft of data. Passwords almost certainly need to changed. Do you need to inform your suppliers? What kind of data was taken personal data, passwords or credit card information?
  • Denial of service – Consider this in the same manner as you would loss of connectivity. What are you alternative working plans? Have you seen a ransom demand? Speak to you internet connectivity service provider, what sort of protection do they offer (it could be none). Keep in mind that may web site hosting companies host many web sites on the same server. So if another web site on the same company is attacked yours could be taken out at the same time.
  • Insider threat – As the Snowden leaks have demonstrated this type of cyber crime can be devastating. To be treated like any other cyber crime, with the added complexity of HR issues.

In all these cases you almost certainly will need to a client communication plan. Always inform Action Fraud.

Being prepared for an incident will place any company in a stronger position to survive. Be that flood, fire, theft or cyber crime. 

Our Cyber Security resource page is at icaew.com/cyber 

Previous tip 

CSTOTW index