Over the past few years, cyber-attacks have become the top man-made threat facing countries and companies globally, according to a 2018 Global Risk Landscapes report by the World Economic Forum. Taking this into account, it’s clear that the cyber threat environment will keep evolving and will continue to place informational assets at risk.
For many years, cyber security has been treated as a challenge for the IT department to solve on its own. However, given the intrinsic value that cyberspace and disruptive technologies introduce, senior management is obliged to oversee these precious informational assets.
The onus, therefore, rests on executives to consider how prepared their organisation is to deal with a cyber-attack, ensuring that it is safeguarded from potential financial repercussions, reputational damage, or facing a lawsuit.
Proactive incident management checklist
- Governance – Management teams need to identify key internal and external executive stakeholders and their roles – including business, legal, IT, risk, compliance, HR, marketing and corporate communications – as well as external parties, which form part of the cyber crisis management team.
- Compliance – With the massive amount of cyber-attacks surfacing every year, the cybersecurity environment has become more regulated with compliance requirements that force organisations to report any cyber incident. With this in mind, and depending on the industry, geographic locations, and agreements, you need to understand what laws, regulations, service level agreements, and notification obligations must be adhered to.
- Risk – Executives need a solid, independent view of the cyber risks, so that they know the associated business impact and probability of each and can control them accordingly.
- Management – Define an incident management policy, an incident plan, and detailed procedures or battle guides, which are agreed upon by all stakeholders, containing all the different types of attacks, as well as which stakeholders need to be involved in which type of incident.
- Communication – Transparency is always key; however, most companies fall short in their communications with various stakeholders. This is why it is imperative to have pre-approved, legally vetted communication templates for each stakeholder group: internal stakeholders, customers, media, and regulators. Ignorance is no longer an excuse, and if you’re caught unprepared or neglecting effective and open communication, it’s a sure bet that you’ll get on the wrong side of regulators or your customers.
- Testing – Explore “worst-case” scenarios through tabletop or simulation exercises, ideally facilitated by external providers, which will then allow companies to work their way back in the scenario, see what controls are in place, and work out what needs to be done to prevent a cyber incident and avoid any serious damage.