Cybercrime is on the rise – attacks are becoming more frequent, methods more sophisticated, and impacts more severe. And while tools and technologies go a long way in protecting your business data and IT infrastructure, effective planning is also vital to risk mitigation and management.
A cyber security incident response plan can help you protect and restore business operations if and when an attack occurs. With new threats continuing to emerge, it is critical not only for your business to have a cyber security incident response plan, but also for that plan to be regularly reviewed and updated. An outdated plan is rarely useful to anyone.
Here are five tips for staying on top of your cyber security incident response plan:
1. Update your list of critical systems and information
A catalogue of your organisation’s most vital digital assets is an important tool for prioritising incident response efforts. Over time, your systems will inevitably change, so make sure your plan reflects this.
2. Update threat-specific responses
Your incident response plan needs to change to reflect the current cyber threat landscape. Remember, last year's biggest threat may not be this year's.
3. Keep your contact list current
You want to be able to get in touch with the right people in a timely fashion when responding to an incident, and keeping your contact list up to date is the first step towards doing this.
4. Document your discoveries
Simulated cyber attacks are an effective, proactive and risk-free way of identifying any deficiencies in your network. But you need to capture and document the results and key learnings along the way.
5. Communicate updates to your plan
Any significant changes to your cyber security incident response plan should be shared with relevant team members.
While a robust cyber incident response plan can help reduce your exposure to cyber risks and mitigate the damage from cyber attacks, its efficacy is contingent upon up-to-date information. Ongoing tweaks and refinements will go a long way in helping to bolster your cyber posture.
FirstWave protects businesses and government organisations of all sizes from risk by providing rapid and affordable access to the most advanced, comprehensive and adaptive cloud-based cyber security solutions available. Get in touch with us today to learn more about how we can help your organisation get on the front foot against cyber threats.
By Roger Carvosso, Product and Innovation Director
As a business owner or manager, you need to address a range of cybersecurity threats. Ransomware is one of the most widespread and insidious.
Ransomware is malicious software (malware) that encrypts files or locks computers. People or groups behind ransomware attacks demand payment – often in digital currency – to restore access.
Ransomware can infect a business or government organisation in many ways. For example, a worker may inadvertently open a malicious attachment, or click on a link in a phishing email that leads to a malware-laden website. Once ransomware infects a computer or network, it may seek to spread to vulnerable shared systems.
According to the 2018 Internet Organized Crime Threat Assessment from Europol – the European Union’s law enforcement agency – ransomware remains the key threat in law enforcement and industry reporting.
In 2017, the WannaCry and NotPetya ransomware attacks, which exploited vulnerabilities in older or unpatched versions of Microsoft Windows, caused billions of dollars’ worth of damage to businesses and organisations worldwide. Industry experts expect similar attacks to occur in future.
So how can your business protect itself against ransomware attacks? The following steps may help minimise the risk of infection.
You should note that Australian Government cyber-security bodies typically recommend against paying ransomware owners. There is no guarantee that the owners will restore access to the compromised files, and they or other attackers may identify your business or organisation as a target for future attempts.
If you would like to learn more, please contact us at firstname.lastname@example.org.
By Simon Ryan, CTO