Many organisations don’t view cybersecurity as a priority and fail to take a pro-active approach to cyber threats. In 2016, global companies spent almost $600bn building their brands, whilst only allocating about one-tenth of that amount on cybersecurity. However, nobody is immune from attacks and it’s paramount that organisations are aware of the hugely detrimental implications of failing to prepare for a cyberattack; including the implications on operations, finances, legal consequences and the potential damage to reputation.
I’m a victim of cybercrime, what now?
Act fast! It’s key that you view a cyberattack as an urgent matter and you don’t wait for the consequences. First, “stop the bleeding” and ensure that you have contained the incident to the best of your ability to maintain your business operation. Then plan to notify all the relevant stakeholders, including insurance companies, regulators, legal counsel, law enforcement and your customers. It’s recommended to have a list of all those people you may need to communicate with well in advance of an attack, to ensure you don’t miss any stakeholders and incur unnecessary delays when responding to an attack.
More importantly, don’t wait until the breach happens. Be pro-active rather than re-active. Ensure you have procedures, guidelines and a plan of action in place for if/when a cyberattack hits. In the case of cybercrime, be a pessimist: it is not about if you’re attacked, but when. ...