How businesses can amp up their cyber preparedness for 2023

Read the full article at the Times of India

With cybersecurity attacks consistently increasing, the need for robust countermeasures is stronger than ever. The potential impact of a cyber attack is devastating, with data breaches, financial losses, and loss of brand reputation being just some of the consequences. In 2022 alone, the average cost of data breaches was $4.35 million globally—up 2.6% from the previous year, according to an IBM report. And yet, many companies continue to have an ad hoc response system to cyber incidents, or sometimes no system.

The need for data security

Any company’s core tenets of data security are confidentiality, availability, and integrity. These ensure that data can only be accessed by those authorized to do so via secure and pre-approved channels. While this sounds simple, implementing it requires extensive study to examine where current gaps exist, how accessible data is to those who need it, and what encryption measures are in place.

The second part is data governance, wherein clear rules are established about what security levels to assign to each piece of data, who can access that data, and through which channels. By keeping a finger on the pulse of how data flows in the organization, hitches can be quickly detected and addressed.

How to design an incident response plan

A cybersecurity disaster can strike any part of the system at any time – yet; there are certain commonly observed types of attacks that companies can guard against. By having a robust incident response plan in place for likely scenarios, a company can take measures much sooner and save up to 35% of the cost of the incident. Such a plan will also help mitigate the impact of more unconventional attacks, as basic safeguards can be quickly launched.

An incident response plan has five main components –

  1. Prepare for attacks
  2. Detect threats as soon as possible
  3. Contain the impact of the attack
  4. Eradicate the threat
  5. Evaluate the damage

As is evident, the preparation stage ensures that the other four steps are executed smoothly and effectively.

Experts recommend the following best practices that organizations of any size can implement.

  1. Gather information- While this step can be time-consuming, it is vital. The organization should gather as much material as it can on past breaches, past vulnerability report results, current trends in cybersecurity, and details on attacks that other companies in the same industry might have faced.
  2. Identify threats- Attack outcomes and responses vary greatly depending on the attack’s origin. Was it a ransomware attack? A social engineering attack? An insider threat? For each, there should be a list of signs to watch out for – even a few seconds saved through quicker identification can make a big difference.
  3. Identify core assets- Not all data assets are equally critical if threatened. The team should create a hierarchy of assets and assign protections to each accordingly.
  4. Identify experts- It may be expedient to have an external cybersecurity expert on hand to provide extra support to the IT team in the case of an incident.
  5. Have a communication strategy- Who are the people and authorities that need to be informed in case an attack occurs? What are the deadlines involved? Have a clear game plan for reporting incidents to government authorities, relevant partners, and vendors. If the attack is severe, decide when (and if) you wish to notify the press.
  6. Review periodically- Cyber attackers are constantly getting better at what they do, which makes it all the more vital for incident response plans to be up to date. Collect inputs from your IT team and other employees at defined intervals and identify ways to simplify processes and fortify points along the data chain. Then, test and implement as necessary,

Promoting employee awareness

Cybersecurity isn’t just the concern of the incident response team. Cyber incidents often originate because an employee wasn’t careful enough with password protection or fell for a phishing scam. In fact, given that phishing attacks are rising at an alarming rate, it is vital to train employees about common day-to-day mistakes that could create security gaps.

Some ideas include:

  1. Guiding employees through a phishing resistance training tool that teaches them how to identify suspicious interactions
  2. Adding a phishing defense to the company’s cybersecurity stack
  3. Defining different types of cyber threats, such as malware, worms, ransomware, and so on
  4. Guiding them through daily best practices like choosing strong passwords, regularly changing passwords, using two-factor authentication, and using VPN to log into work systems remotely
  5. Conducting regular incident response drills so that employees immediately know what to do and whom to communicate with in case of a breach

There should also be a point of contact on the tech team whom any employee can approach at any time if they have questions.

Final words

Cybersecurity preparedness cannot happen overnight or even in a month. It requires a concerted effort from the entire team – IT and non-IT alike – starting with acknowledging that security is just as vital as any core business function. The incident response plan, diligently researched and periodically viewed, is a critical asset in an increasingly vulnerable digital age. With a strong one, companies can protect the integrity of their data from any attack.

 



Leave a Reply