October is Cyber Security Awareness Month. We think cyber security should be prioritised all year round, but given the massive impact of the recent Jaguar Land Rover cyber attack, we need to be raising awareness more than ever.
Start Tech has the expertise to secure your business against cyber attacks, but no business can ever be 100% protected given the multiple entry points into your systems. However, that doesn’t mean you should expect the inevitable, and we hope you’re doing everything possible to put protection in place. If you would like our expert advice, get in touch with the team now.
But what happens if you do get cyber attacked? Here’s some advice on what to do next…
Your First Port of Call
If you fall victim to a cyber attack, the first thing you do is consult your disaster recovery plan, which gives you a step-by-step plan of action. Just as a fire evacuation plan works regardless of who is in the building, a disaster recovery plan does not rely on your IT manager being present. It gives the leadership team a clear, shared set of actions to follow, removing guesswork when mistakes are most costly. If you don’t have one, Start Tech can help.
Who to Contact First
Your first step should be to contact your insurance provider – we can’t stress how important it is to have cyber insurance in place for this reason. They will take the lead, provide the necessary next steps, and notify specialist teams such as forensic investigators, legal advisers and PR experts who know how to navigate the crisis.
Next Steps
Containment is a priority. Affected systems must be isolated and normal operations paused to prevent the problem from spreading. Quick fixes or attempts to carry on trading can deepen the damage.
Establishing lines of communication in your recovery plan is crucial, for external and internal stakeholders. If the platforms that your operations rely on are compromised, another independent platform must be used to coordinate staff and response partners. Mishandling external messaging often inflicts more lasting damage than the incident itself.
Forensic work must begin to determine the entry point, the systems affected, and the data exposed. This intelligence is crucial to containing the breach and informs both recovery and regulatory reporting.
A data breach involving personal information must be reported to the Information Commissioner’s Office within 72 hours. The liability of an attack rests with the business itself, not its IT provider, and failure to comply risks significant fines as well as reputational fallout. Remember that a cyber attack is a crime. It can be reported to law enforcement via Action Fraud.
Demands for Ransom
Ransom demands from hackers are a dilemma. The National Cyber Security Centre’s advice is not to pay; doing so fuels criminal networks, provides no guarantee of resolution, and often paints the business as a repeat target. It’s worth noting that it isn’t illegal to pay ransom demands currently (though in time this is likely to change), and some businesses do.
Help Raise Awareness
To help raise awareness of this growing issue, we would love to see SME’s admitting to what’s gone wrong. The idea that this is only happening to businesses like JLR is misleading. It’s happening to everyone. But the difference is that for companies like JLR, they’ll get support from the government, whereas SME’s risk losing everything.
If there’s more awareness about how common attacks are, businesses will sit up and take notice, and put crucial preventative measures in place to slow the prevalence of these attacks.
Improve Your Cyber Security Now
Our top-line advice would be to invest in logging and data monitoring so you can quickly understand the scope of an attack, why it happened, and which areas of the business can be contained and uncompromised. Take out Cyber Insurance and adopt Cyber Essentials to ensure the fundamentals of cyber security are in place to lower your risk.
Leadership teams should rehearse recovery plans regularly, even offline, so the organisation can respond if locked out of its systems at short notice.
Ultimately, your best course of action is to have certified cyber security experts in your corner. Start Tech is the only NCSC-assured provider in Shropshire, so get in touch today and invest in keeping your business safe.
