1. Ensure a senior executive is part of the cyber incident response team – don’t leave it just to the IT team.
Every company should have a senior executive included in its cyber incident response team. This will help to build a bridge between IT, legal, management and outside partners, and ensure that the team has timely access to someone who can make decisions as the breach unfolds.
2. Don’t further incite threat actors with undisciplined communications.
If you are an executive of a company that is in the middle of a cyber attack – especially a ransomware attack that involves ransom negotiations and stolen data – a top priority is ensuring that any communication with the threat actor goes through a highly vetted process – preferably through experts in this field.
We always say it’s not the attack that may ruin your business, but how you respond. How, when and with whom the company communicates can influence ransom demands, the length and severity of the attack and the release of stolen information that can have major repercussions on the reputation of the business.
3. Always stay on top of compliance and reporting requirements.
It is critical that your client’s lead executive is well versed in data privacy compliance and reporting requirements. From publicly traded to privately held firms across nearly every industry, there is a range of reporting requirements, differing globally, to which companies need to adhere.
4. Accuracy matters more than speed.
Amid a cyber attack, a slow, ineffective response could prove disastrous for a company’s reputation. Speed is important, but inaccurate and incomplete information will cause more damage. If the breach response plan is already in place, combined with the appropriate legal, compliance, operations and IT security experts, your client’s odds of bouncing back from a crisis are much better.
5. Ensure you have an alternative message system to communicate with your breach response team if email communication is disabled.
If your company primarily uses email to communicate with employees, customers or anyone else, and email is down because of the cyber attack, it is critical to have backup communications channels to share information quickly and effectively.
Cyber attacks represent a fast-moving form of crisis that can ruin brands and balance sheets. And while general crisis response principles have relevance, a cyber attack is a wholly different animal.
The five tips outlined above will improve a company’s chances of surviving a cyber attack with the least amount of long-term damage, but they must also be integrated with a broader cyber security strategy. Without that strategy, your clients risk losing their value, their reputation and possibly worse.
We are here to help on all counts.
BOXX is sharing guidance sources from NSCC with actionable steps and guidance on steps to take when the cyber threat is heightened.