Steps to prevent or recover from a cyber-attack

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.propertyweek.com/steps-to-prevent-or-recover-from-a-cyber-attack/5077653.article

Cyber security dominated the headlines in October following the
high-profile cyber-attack on telecommunications company TalkTalk. Yet this
is just one example in a growing number of cases. Recent Office for
National Statistics (ONS) figures show a huge increase in reported
instances of cyber crime in the UK, estimating that 2.5 million incidents
of crime fell under the Computer Misuse Act in the past year. If further
evidence were needed, cyber risk is ranked as a tier-one threat by the UK
National Security Strategy and is a key priority in the National Crime
Agency’s current annual plan.

Most businesses hold information that is valuable to someone, somewhere. In
almost every business that information is held, accessed and shared
electronically. Any business that has an online footprint or computer
network is at risk of those systems and networks being compromised by
someone who wants to get their hands on that valuable data. That risk is
only heightened by the increased use of cloud computing, smartphones and
bring-your-own-device policies. As cyber criminals become more
sophisticated, the reality is that no organisation or individual is safe.

Hackers are now targeting business information, which could include
confidential data concerning property deals, planned M&A strategies,
purchase bids and other financial arrangements. They are not just after the
personal data held with banks or stored in sale and rental databases.

However, it is only as larger organisations continue to fall victim to
large-scale cyber-attacks that the realisation begins to dawn: this is a
threat to be taken very seriously. It may only be once a large company has
been completely brought down by a cyber-attack that individuals will fully
deploy the safeguards available to them and their business.

A crisis can feed paranoia and uncertainty for employees and customers
alike. For a company that falls victim to a successful cyber-attack, there
are immediate financial ramifications from the business lost while the
systems are down, the valuable data that has been stolen or the queue of
litigants seeking compensation. Additionally, there can be a broader impact
on customer trust and confidence following an attack, which can lead to
reputational damage that is more difficult to quantify. Yet basic alert
mechanisms and security measures can help businesses to investigate a data
breach quickly and accurately, before responding decisively to an incident
if it does happen. There are simple things companies and individuals can do
to protect their business before a data breach occurs and in the event that
a breach takes place.

Before a data breach

1. Introduce the correct management structure and clearly define
responsibilities. Create a crisis response team and train them regularly in
how to respond to a breach.
2. Recognise and register legal rights: make sure
you have identified and taken steps to protect valuable data.
3. Ensure compliance with regulatory obligations, including having adequate
software and systems in place to protect your data.
4. Introduce watertight contractual arrangements, cyber-security policies
and procedures; then raise awareness about them and train your staff in how
to implement them.
5. Ensure your insurance policies give you the right cover. If you have
concerns, it is within your rights to challenge your broker: this is still
an emerging space.

After a data breach

1. Move quickly: you need to find out who is behind the breach, how they
got in, what has been taken, when and why. The first hours are critical to
ensure that any money or valuable information stolen can be recovered.
2. Contact your insurer and confirm your responsibilities in terms of
appointing experts to contain, track and recover lost data.
3. Decide who you need to notify and what they need to know - the
Information Commissioner and other bodies may be expecting your call.
4. Communicate with your customers, shareholders and staff: reputations
take a long time to build and can be damaged in no time at all. Keeping
customers informed will limit the fallout.
5. Take legal action to recover your data and prevent its misuse.

The cyber threat requires constant attention. The most valuable thing you
can do is put this issue high on the agenda of your next board meeting. It
is vital to foster a workplace culture that understands the risk and has
the capabilities to manage it.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!