Over the past few years, cyber-attacks have become the top man-made threat facing countries and companies globally. This is according to a 2018 Global Risk Landscapes report by the World Economic Forum.
Taking this into account, it’s clear that the cyber threat environment will keep on evolving and continues to place informational assets at risk.
For many years cyber security has been attributed to challenges that the IT department need to solve on their own. However, due to the intrinsic value that cyberspace and disruptive technologies introduce, senior management is obliged to oversee these precious informational assets.
The onus therefore rests on executives to consider how prepared their organisation is to deal with a cyber-attack, ensuring that it is safeguarded from potential financial repercussions, reputational damage, or facing a lawsuit.
Proactive incident management checklist
- Governance – Management teams need to identify key internal and external executive stakeholders and their roles – including business, legal, IT, risk, compliance, HR, marketing and corporate communications – as well as external parties, which form part of the cyber crisis management team.
- Compliance – With the massive amount of cyber-attacks surfacing every year, the cyber security environment has become more regulated with compliance requirements that force organisations to report any cyber incident. With this in mind, and depending on the industry, geographic locations, and agreements, you need to understand what laws, regulations, service level agreements and notification obligations must be adhered to.
- Risk – Executives need a solid, independent view of the cyber risks, in order to control and know what the associated business impact and probability thereof will be.
- Management – Define an incident management policy, an incident plan and detailed procedures or battle guides, which are agreed upon by all stakeholders, containing all the different types of attacks, as well as which stakeholders need to be involved in which type of incident.
- Communication – Transparency is always key; however, most companies always fall short in their communications with various stakeholders. This is why it is imperative to have pre-approved communication templates, which are legally approved for various stakeholders. These stakeholders include internal stakeholders, customers, media, and regulators. Ignorance is no longer an excuse, and if you’re caught unprepared or neglecting effective and open communication, it’s a sure bet that you’ll get on the wrong side of regulators or your customers.
- Testing – Explore “worst-case” scenarios through tabletop or simulation exercises, ideally facilitated by external providers, which will then allow companies to work their way back in the scenario, see what controls are in place, and work out what needs to be done to prevent a cyber incident and avoid any serious damage.
Worst case scenario run by Wolfpack for a large short-term insurance company
At a recent crisis management simulation conducted by Wolfpack, the MD for a large South African insurance organisation said that his worst-case scenario would be if an organised crime group had to target their organisation, access and steal customer information, which exposes a list of each customers’ insured items in their home, which these criminals will then use to start targeting those homes, and make headlines jeapardising the company and its credibility.
CYBERGYM have developed a global network of integrated cyber training and technology arenas to test an organisation’s systems, processes and people capabilities against cyberattacks. CYBERGYM conducts cyber-warfare readiness training for governmental and private enterprises. It focuses on the weakest link in any emergency response system – the people who run it.
Wolfpack Information Risk
Wolfpack Information Risk specialises in business-aligned information risk and cyber threat management services covering the full spectrum of prevention, detection, incident management and resilience requirements. In 2018, Wolfpack established the first African CYBERGYM arena in Johannesburg to help prepare management and technical teams to fend off real-time cyberattacks.
To find out more, visit the Wolfpack Information Risk website.