Which of the following examples have you experienced?
- You go to get coffee; upon returning, you see that you've left your laptop open with the files you were working on visible.
- You put a file in your bag intending to look at it at home later.
- You leave your laptop in the car for a short time while you quickly run an errand after work.
- You let a visitor walk to the exit unaccompanied because you're in a hurry for the next meeting.
- You quickly send an email to your private email address so you can continue working on it at home later.
Sound familiar? Besides phishing emails or malware, the situations above are also examples of security incidents. Information security professionals have the complex task of preventing such incidents and limiting their impact. Easier said than done, especially since in 9 out of 10 cases you’re not even aware that an incident has occurred. Moreover, employees sometimes feel little urgency to report an incident. The more we emphasize that employees should work safely, the higher the barrier to reporting that something has gone wrong can become.
Cyber Crisis: The Ticking Time Bomb Within Every Organization
Despite numerous training sessions and awareness initiatives, human error remains one of the main causes of cyber incidents and data breaches. Preventing cyber incidents 100% is impossible. Therefore, the question is not if a cyber crisis will occur, but when.
What is a Cyber Crisis?
A cyber crisis is a serious situation in which an organization’s IT systems and/or services are disrupted, disabled, or misused, with potential threats to the survival, integrity, and reputation of the organization concerned. During a cyber crisis, crucial decisions must be made under pressure and uncertainty, and the impact is not limited to the organization itself but can also extend to supply chains and societal processes. It typically demands a quick and effective response to limit the damage. In some cases, a cyber crisis can even cause significant disruption to society, as illustrated by the attack on Rotterdam’s APM Terminals, which came to a complete standstill and almost caused a traffic jam in the port.
3 Tips to Make Your Organization Cyber Resilient
The level of cyber resilience of an organization depends on its ability to prevent cyber incidents, for example through good security measures and sufficient awareness among employees. Additionally, cyber resilience means being able to minimize the damage of an incident when it does occur. Business Continuity Management (BCM), crisis management, and training play a crucial role in this.
- Limit the impact of a cyber attack with a business continuity plan;
- What if... the attack was not anticipated? Limit the impact of an attack with trained crisis management;
- Practice, practice, practice!
A business continuity plan identifies potential threats to business operations, determines in advance which disruptions are acceptable, and describes in detail how the organization can continue its activities during and after a cyber attack. In essence, it’s simply a plan in which the organization looks ahead to all kinds of possible emergencies and devises appropriate responses to them. A well-thought-out business continuity plan gives the organization clear guidelines for responding quickly and effectively, thereby limiting damage and enabling a smooth recovery after a cyber incident.
Sometimes we can’t think of everything in advance. Alongside the known risks, there are also unknown threats that we cannot predict: what Donald Rumsfeld called ‘unknown unknowns’, unpredictable events that fall outside our risk management. You can have a fine playbook ready, but you may find that you can no longer access it, or that it simply doesn’t apply to the situation. In that case, you need to improvise. Easier said than done. (Cyber) crises are characterized by time pressure, uncertainty, and high stakes; a trained crisis management team is essential to quickly bring together expertise and mandate and thus make meaningful decisions.
Tip: Use the crisis card. This handy tool lists the agenda items for your crisis team meetings, a checklist for the crisis manager, and concrete tips for managing a crisis.
In the world of cybersecurity, everything revolves around time. The faster and more accurately an organization responds to a cyber attack, the lower the impact will be. During a crisis, people often fall back on their habits. As a result, crisis playbooks and specific crisis plans are rarely, if ever, consulted in the acute phase of a crisis. Many decisions are made quickly and on the spot. Therefore, it’s important not only to develop crisis scenarios but also to practice them regularly. By doing so, team members not only know what to do, but also learn how best to support and, if necessary, adjust decisions made on the spot. Smart decisions and effective actions can ultimately make the difference between a manageable situation and a devastating disaster.
Do you need help in strengthening cybersecurity resilience in your organization?
Do you want to know more about increasing the cybersecurity resilience of your organization? Or are you looking for specific exercises to train with? Then download the handbook ‘Cybercrisis? Don’t Panic!’ This handy guide is designed to assist you in setting up crisis exercises and contains valuable information for any organization, regardless of your experience level.