What management teams needs to know in a cyber-crisis

What management teams needs to know in a cyber-crisis

Over the past few years, cyber-attacks have become the top man-made threat facing countries and companies globally. This is according to a 2018 Global Risk Landscapes report by the World Economic Forum.Taking this into account, it’s clear that the cyber threat environment will keep on evolving and continues to place informational assets at risk.

For many years cyber security has been attributed to challenges that the IT department needs to solve on their own. However, due to the intrinsic value that cyberspace and disruptive technologies introduce, senior management is obliged to oversee these precious informational assets.

The onus, therefore, rests on executives to consider how prepared their organisation is to deal with a cyber-attack, ensuring that it is safeguarded from potential financial repercussions, reputational damage, or facing a lawsuit.

Proactive incident management checklist

  1. Governance – Management teams need to identify key internal and external executive stakeholders and their roles – including business, legal, IT, risk, compliance, HR, marketing and corporate communications – as well as external parties, which form part of the cyber crisis management team.
  2. Compliance – With the massive amount of cyber-attacks surfacing every year, the cybersecurity environment has become more regulated with compliance requirements that force organisations to report any cyber incident. With this in mind, and depending on the industry, geographic locations, and agreements, you need to understand what laws, regulations, service level agreements, and notification obligations must be adhered to.
  3. Risk – Executives need a solid, independent view of the cyber risks, in order to control and know what the associated business impact and probability thereof will be.
  4. Management – Define an incident management policy, an incident plan, and detailed procedures or battle guides, which are agreed upon by all stakeholders, containing all the different types of attacks, as well as which stakeholders need to be involved in which type of incident.
  5. Communication – Transparency is always key; however, most companies always fall short in their communications with various stakeholders. This is why it is imperative to have pre-approved communication templates, which are legally approved for various stakeholders. These stakeholders include internal stakeholders, customers, media, and regulators. Ignorance is no longer an excuse, and if you’re caught unprepared or neglecting effective and open communication, it’s a sure bet that you’ll get on the wrong side of regulators or your customers.
  6. Testing – Explore “worst-case” scenarios through tabletop or simulation exercises, ideally facilitated by external providers, which will then allow companies to work their way back in the scenario, see what controls are in place, and work out what needs to be done to prevent a cyber incident and avoid any serious damage.

What's so special about us?

There are so many companies and individuals offering websites out there, so why should you use DiG to create and manage your online business presence?

Yes we have years of coding and design knowledge and we are very good at building websites, but we also have actual business management experience and an understanding of what it takes to run a business from logistics through to marketing.
This is were our offering differs. We use those years of industry experience to develop online tools to assist with your business work flow and processes.
This automation will not only save you time and prevent task repetition but  it will also ensure that all your processes are compliant with current legislation.

WE OFFER ONGOING BUSINESS SOLUTIONS ...    ... not just websites!

There is something special about your business.

Our goal will be to let the world know what that is!


Proudly serving you from Melkbosstrand.

 

Get in touch

 

YOU SHOULD

CONTACT US NOW

 

HELPFUL RESOURCES

We are not cheap . . .

. . . but we do, however, offer reasonable Website Subscription Plans that make our services affordable and accessible, without sacrificing quality.  This is a great option for smaller to mid-size companies who need a great website on a budget and who also need our regular Monthly Marketing, Social Media and SEO support.

There’s always someone willing to do it cheaper, but . . .

. . . generally, when you find someone willing to do a cheap website, that is what you are getting – a cheap website, and there is always a catch to a cheap website!

Your website should work for you. It is your best employee. Would you underpay your best employee?