As a technology-dependent society, we out to learn from cybersecurity lessons from the past major cyberattacks to protect not only our assets but also our clients’ private information from any data breaches.
On May 12th, 2017, WannaCrypt ransomware attack was an international buzzword. Beginning in Europe, the malware quickly took over the globe, demanding users’ money for return of seized data. Using information stolen from the U.S. National Security Agency (NSA), hackers attacked more then 200,000 machines worldwide, affecting different industries and businesses of all sizes.
Just a few weeks later, a new cyberattack emerged, hitting companies’ data worldwide, totally wiping it from hard drives. So how come after one major cyberattack of the year, some companies were still unprepared for what NotPetya had to bring?
Let’s take a look at the cybersecurity lessons learned from major cyberattacks after myriads of companies failed at protecting their assets.
An In-depth Defense
An attack can come from anywhere, anytime. That’s why implementing extensive and multi-layered security measures to protect the organization’s critical data, ranging from customer data to private internal files, is a top priority for any business.
Exercising incident response plans is a helpful practice that can bridge the gap between companies’ polices and practices. However, the only way to make sure practices match the intent of cyber security policies is for businesses to conduct regular staff training and test exercises, such as tabletop tests. Doing so will enable operational staff to get familiar with the incident reponse process.
Timely and Accurate Communication
Communication isn’t always about handling the media when the attack goes public. In an event of a cyber attack, keeping everyone involved on the same page is integral to company’s reputation. Addressing such an incident internally early can and will help mitigate the effects of it and properly translate an incident into what actually needs to be done. A cyber incident response team must run an investigation to understand what part of information got compromised, and to what extent did that affect the clients. Managing crisis at hand and getting the facts right is the foundation of the ethics of communication.
Most companies that have been affected by a data breach agree, that proper digital housekeeping can provide a lifeline during a cyber incident.
Proper Digital Housekeeping
Experts stress the fact that the database entry logs play an important role in investigating a cyber incident. Good data housekeeping can improve cyber incident reponse. Even though it’s so impactful, not all cyber security responders get it handed to them once the need arises. There are many organizations that neglect updating their logs and transferring them to an approapriate person, which will definitely interfere with an investigation.
Securing a Service Level Agreement (SLA)
For an effective response, having a right contract in place will allow a timely access with SLAs to the information a company needs in the event of a cyber attack.
If your vendor is withholding some critical data, it is important that you have a contractual means to fall back. Establishing SLA in advance will be your agreement with your provider, either external or internal, that outlines the services to be provided, the expected responsiveness, and performance measurement.