The frequency of cyber-attacks have been on an upwards trajectory for several years now, but 2022 saw new threats emerge and impact organisations on a regular basis. According to the latest Cyber Security Breaches Survey from the UK government, 69% of large organisations and 32% of smaller firms experienced a cyber-attack in 2022 and with recent highly publicised attacks at the likes of the BBC, British Airways and Boots, it’s clear that cyber-attacks are a gargantuan threat to businesses of all shapes and sizes.
The rate and frequency of these attacks is concerning but even more alarming is the vast number of businesses who lack the necessary defences to protect themselves from a potential incident. For smaller businesses, cyber security is falling down the priority list as they look to prioritise addressing economic issues like inflation and turbulent markets. According to the same government survey, just 21% of businesses have formal incident response plans in place. With the door seemingly ajar for opportunists to strike, businesses must mobilise their defences, and this begins with the implementation of an effective incident response strategy.
The five-step approach to ensuring your business is protected
As opportunists continue to seek out vulnerabilities to exploit their targets, one of the biggest failings businesses experience in the event of a cyber-attack is a lack of preparation. Although businesses may be tempted to purchase top-of-the-range cyber defence programs and invest in sturdy firewalls, the creation and implementation of an incident response strategy needs to be a big priority. The ‘5-step cyber security framework’, developed by the National Institute of Standards and Technology (NIST), is a solid model to follow as you look to develop your strategy. The model outlines five stages business leaders must take to prepare for and mitigate against the impact of a cyber-attack to ensure that downtime and disruption is minimised, and that recovery is a quick process. The five steps are as follows:
- Identify the risks: Ensure that your IT personnel gain an understanding across the entirety of your business to manage cyber security alongside any potential risks to systems, people, assets data and more. Following this, begin to identify what processes, policies and software need to be implemented to ensure protection.
- Protect against the risks: Once you have identified any components within your organisation that could be a potential risk, develop and implement appropriate safeguards to ensure that your critical infrastructure and data is protected in the event of an attack. For example, you can enable duo-authentication sign-in protocols or background checks to ensure that your risk management policies are adhered to.
- Detect when an attack occurs: Ensure you have a suite of software and processes implemented into your IT infrastructure that can detect and identify attacks when they occur. For example, install Distributed Denial –of Service (DDoS) projection and firewalls to secure your cyber networks.
- Respond to breaches in a timely and effective manner: As part of your incident response strategy, a crucial component is to have a clear communication strategy for any impacted stakeholders or customers. In the event of an attack, make sure you respond to breaches in a timely and precise manner. For example, having Recovery Time Objectives (RTO) in place can restore your critical systems and applications, minimising the amount of downtime for your business.
- Data recovery: Often, cyber-attacks will target your data, so it’s essential you have appropriate data recovery plans implemented to ensure business continuity. Using Recovery Point Objectives (RPO) can help ensure that your data is backed up or replicated, as well as ensuring that it can be successfully recovered.
Cyber resilience needs to be engrained into your company culture
Having a clear and concise strategy on how to respond to incidents, alongside the implementation of security software, is incredibly important for businesses to remain resilient in today’s cyber-focused landscape. But for organisations to truly remain secure, cyber resilience must be engrained into your company culture. Just as employee wellbeing and sustainability are high ticket items on a business’ corporate cultural policies, fostering a culture of cybersecurity will enable all of your employees to become an effective security control. From running awareness courses to educate your workforce on the myriad of threats, and how to spot them, to having your C-suite executives lead by example by living and breathing cyber-safety by taking a proactive approach to various measures such as password refreshes and identifying malware or spam emails. With the right approach and a clear incident response plan, you can rest assured the cybersecurity of your business is the strongest it can be.
Author: Jack Peters, Customer Solutions Architect, M247