Surprisingly, plans on how to deploy a cybersecurity strategy haven’t been a priority for companies around the globe not so long ago. In 2017, the phrase “ransomware attack” was trending like never before. On May 12th, 2017, WannaCrypt ransomware attack made headlines all over the world. Starting in Europe, the malware quickly spread across the globe, demanding users’ money for the return of seized data. Using exploits stolen from the U.S. National Security Agency (NSA), hackers hit more than 200,000 machines worldwide, affecting different industries and organizations of all sizes.
Just a few weeks later, a new cyberattack took a swing at companies’ data worldwide, completely wiping it from hard drives. So how come after one major cyberattack of the year, some companies were still unprepared for what NotPetya had to bring?
Three Moves to Safeguard Company’s Technology
As a technology-dependent society, certain measures must be taken to protect not only your assets but also your clients’ private information. Compared to the same periods in 2017, the first quarter of 2018 was the most “fruitful” for hackers, with cyberattacks increasing by 32% and 47% in April and June. Below are the steps your organization can take to deploy a cybersecurity strategy.
1. Quantify Cyber Risk
The leadership understands the extent of a risk when it’s translated into numbers. For all financial and non-financial risks, some institutions have quantified losses related to a cyberattack. For example, according to a study by IBM, an average cost per lost or stolen record is $148. Also, the average total cost of a data breach can reach $3.86 million.
2. Secure Cyber Risk Management Through Risk Appetite
The Institute of Risk Management defines risk appetite as “the amount and type of risk that an organization is willing to take to meet its strategic objectives.”
Regulators are enforcing the establishment of a cyber risk strategy, which can be based on cyber risk appetite. Doing so typically helps address management’s concerns about whether the business is safeguarded against any potential cyber risks.
Approaching cyber risk management in that way allows to include it in the overall company risk framework, providing insight into whether exposure is affordable or acceptable.
3. Assess and Test the Efficacy of Cyber Protection (Including Third-party Vendors)
As described in a “Deploying a Cyber Risk Strategy Guide,” it’s in companies’ interest to carefully monitor their Cyber Risks across departments. Such assessments should help reveal any glitches in the effectiveness of protection, how proactive the organization is, and how quickly can their business recover from a disruption.
As a first step, one needs to identify the risk through cyber risk assessment and an overall security assessment. Secondly, conduct third party reviews, evaluate security control functionality against security requirements, and assess internal and third party impact on security. As a third step, regularly scan internally and externally facing servers for known security issues, along with network security. Then, estimate how well-prepared your team is during tabletop exercises, making sure everyone involved knows their responsibilities in a crisis. And lastly, evaluate the overall effectiveness of your BCDR plan, and how finalized is your strategy should remediation efforts be required.
4. Test Your Cyber Risk Readiness
To become more resilient in the face of a cyberattack, an organization needs to prepare an incident response plan. It must extensively cover different attack scenarios, each department’s accountability, response strategy, and all necessary crisis communication scenarios.
Continuously testing your incident response plan during a tabletop exercise or a drill can provide invaluable insight. A tabletop exercise allows for stakeholders to walk through specific attack scenarios relevant to their business to test their readiness. Such exercise provides avenues for stakeholders to face more realistic aspects of cyber risk and their roles in the event of a crisis.
However, incident management plans must be regularly reviewed and improved depending on the ever-evolving threat landscape.