The Importance of Being Prepared
While most businesses invest in technologies or adopt policies that serve to protect against cyber crime, many overlook the importance of having a strategy in place in case those defences are compromised.
No cyber defence is 100% effective. Recognising that fact, and preparing for an incident in advance, is key to mitigating the impact – and may be what enables your business to survive.
You should consider the following measures essential to your Prepare strategy:
Incident Management and Response – Your Incident Management and Response model will vary dramatically depending on the scale and structure of your business. Incident Response is typically broken down into six “stages”, with even those businesses that outsource their IT function having a significant role to play in steps 1, 2, 3 and 6. The stages are:
- Preparation – ensuring that the relevant response plans and policies are in place in advance.
- Identification (Detection) – recognising when an event or incident has begun and initiating the relevant response.
- Containment (Isolation) – taking steps to minimise the impact on the business.
- Eradication – removing/treating the threat.
- Recovery – restoring normal operations in an orderly fashion.
- Lessons learned – every incident is an opportunity for your business to test and fine tune existing response plans ready for the future.
Planning for incident response should be a continual and dynamic process. To get started, think about the incidents that might affect your business – ransomware, business e-mail compromise, Distributed Denial of Service (DDoS), malicious insider. You should develop individual responses (‘playbooks’) for each incident – and don’t forget, we are here to help.
If you’d like us to assist you in completing the exercises, either as observers or advisors, please get in touch.
The small business guide also covers guidance that helps small to medium sized organisations prepare their response to and plan their recovery from a cyber incident. The full guide can be found on the NCSC website here https://s3.eu-west-1.amazonaws.com/ncsc-content/files/Response_and_recovery_guidance.pdf
Get in Touch
Contact us to start a conversation and book a training exercise:
Please be aware that our primary business audience is Small to Medium Enterprises (SMEs), though we are willing to have conversations with larger companies and any company which is victim of a significant cyber incident.
Personal Cyber Security & Privacy
For guidance on staying secure online and maximising your online privacy, please go to our dedicated pages: