10 tips to prevent a cyber attack paralysing your business
When a major cyber attack on the UK is a case of 'when, not if', ComXo’s Managing Director Andrew Try suggests how firms can prepare
The cybersecurity community and major media outlets have largely agreed on the prediction that the damage caused by cyber crime will cost the world £4.6trn annually by 2021, up from £2.3trn a year ago.
With Ciaran Martin, Head of the UK’s National Cyber Security Centre saying a major cyber attack on the UK is a case of ‘when, not if’, we consider how businesses can prepare for the worst and suggest some steps that can be taken to minimise the impact of a breach.
Protect your brand at all costs. Perception is reality
It is unacceptable for a customer focused firm to be unavailable for any length of time.
Being able to demonstrate that, regardless of the situation, you are open for business and capable of maintaining high service levels builds trust, customer loyalty and professional respect.
Enable your teams to focus on the crisis
When a crisis hits, you will require total focus and coordinated teamwork to survive. Create space and mitigate risk by ringfencing the front-line experience. Triaging internal services, information updates and escalation requests creates an atmosphere of uninterrupted calm and control, putting you back on the front foot.
Provide a virtual meeting place for stakeholders
Continuous communication is the single most important factor during a crisis. An easy-to-use voice conference room that can be accessed at any time is key. A managed audio conferencing service can facilitate requests to ensure agility and fluidity as the situation develops.
Keep your staff informed. Duty of care is essential
Defined, well-rehearsed communication channels minimise confusion and insecurity among stakeholders and staff. It is vital to have access to up-to-date stakeholder and staff contact lists for consistent communications (e.g. text, email, voice, and hotline).
Ensure access to your knowledge assets
Having an external switchboard provider that understands your processes could enable you to maintain access to key information and business services even during a crisis, ensuring ongoing efficiency and information flow.
Keep your IT help desk functioning 24/7
Getting and keeping key IT capability up and working is another pivotal step to minimising confusion. Ensuring lines are open to your IT helpdesk gives your workforce assurance that the situation is under control. Using a triage capability to answer calls and service requests; fact find, prioritise and escalate – enabling your own IT staff to focus on the higher level problems.
Provide your staff with the right tools for remote working
By providing alternative, company sanctioned and network independent communication tools, staff can stay productive rather than having to second guess the company’s risk, security or compliance regime. A BYOD (bring-your-own-device) technology that’s simple to use and allows easy billing will encourage staff to continue communicating.
For global corporates a cyber-attack could mean that all world-wide communication becomes disrupted. Do you have a global resilience plan in place for communication? Is it tested around your key risks and invoked on a regular basis?
Create strong supply chain relationships
In a crisis, relationships with key operational suppliers become even more important. Maintaining strong connections with the right people in these organisations will help ensure your problem is prioritised. Share your business continuity plans with your supply chain and include them in your scenario planning.
Protect new business opportunities
Industry statistics show that up to 55 per cent of switchboard calls to professional service firms are existing or new business calls. A crisis hits customer confidence and keeping lines open to answer questions, escalate requests or give advice will ensure your customers do not seek out new suppliers.
Previous post: Why businesses should consider going back to school