By Robert Wright, head of sales at Nexor
Gone is the age where small businesses can hope a fancy password and anti-virus software will save them from cyber-attacks. These attacks are multiplying fast, and companies need to get savvy.
According to Hiscox, 55 per cent of UK firms faced a cyber-attack in 2019, with the majority of businesses previously believing they were not at risk. Cyber-attacks are becoming increasingly common, with a steep 15 per cent rise in the number reported from 2018 to 2019.
The importance of preventing a cyber-attack is underlined by the financial damage one causes – the average cost of a cyber breach has skyrocketed 61 per cent to £280,000 in the last year. This reported cost may not include the loss of revenue from halting business operations or the indirect reputational damage, and the combination of these has the potential to cause serious harm to a firm.
With this in mind, businesses must stop focusing solely on cybersecurity and start paying attention to becoming cyber resilient too.
What is cyber resilience?
Cybersecurity and cyber resilience are not alien concepts to one another. In fact, cyber resilience is the counterpart of cybersecurity. As many are aware, cybersecurity is the practice of protecting systems, networks, programs and data from attack. This primary method of reducing the risk of attack is not sufficient on its own, because the number of attacks, together with their variety and sophistication, keeps growing and leaves businesses more vulnerable.
This is where cyber resilience comes in: a set of measures a business puts in place for when its systems are attacked. Businesses prepare for a physical security breach with CCTV, alarm systems and asset tagging, not just with a lock on the door, and they must do the same in terms of cyber resilience.
Cyber resilience focuses on maintaining the business operations of a firm during an attack and aiding in the overall recovery. Businesses which focus on becoming cyber resilient will be better equipped to deal with a data breach and continue their day-to-day operations during a cyber-attack.
Although this is slightly doom and gloom, businesses today must adapt their strategies to think two steps ahead. They must accept that they are vulnerable to cyber-attacks and ensure procedures are in place to protect themselves. The question is, what makes a business cyber resilient during such a disruptive event?
Employees require in-depth training
Human error can trigger a cybersecurity attack when employees fall victim to email phishing or a similar scam. It is crucial that all employees are trained to understand cybersecurity, cyber resilience and why they matter. Employees must understand that the business has a no-blame culture and that they can come forward with any suspicions or uncertainties. Training should also cover how the business will operate while under attack.
Protect critical networks
When under a cyber-attack, businesses need to protect their critical systems from being affected. This starts with a thorough investigation of the internal systems and processes of the business to identify any weaknesses. From there, the techniques below can help minimise the damage of a cyber incident:
Separate critical and non-critical systems
It is imperative to minimise the risk that a non-critical system breach spreads to the critical systems of the business. To ensure this, critical and non-critical systems should be separated in the business wherever possible.
Restrict access to essential employees
Businesses often grant employees unnecessary access to critical systems. This may be done to simplify the setting up of systems, or to avoid certain employees feeling devalued. To prevent a cyber-attack from spreading, it is imperative to restrict access to these critical systems to only those who need it to carry out their roles.
Back everything up where possible
In a worst-case scenario, businesses must assume their critical systems can be hacked. In that case, firms need backup systems so the business can continue to function. These systems should be set up with their own separate protection, with thought given to how the backups will be deployed when needed.
Rank your network and segment access
Employees are not the only stakeholders with access to the systems of a business. To ensure a breach does not impact the entire network, businesses must segment it so that each stakeholder (e.g. service providers) has only the level of access they require.
Practise continuing with minimal resources
To understand the logistics of a cyber-attack plan in full, businesses must run through a mock incident every 6-12 months. Running through the entire plan will ensure employees and management understand each step and that the plan is viable given the resources of the business.
Regularly review your security processes
As cybersecurity attacks become more sophisticated and more frequent, it is imperative that your security processes advance alongside them. The entire cybersecurity and resilience strategy of a business requires regular review to ensure any weak points are identified and dealt with.
As changes occur within a business and hackers become more sophisticated, new systems may need to be implemented to ensure the business remains fully protected. Employees should be trained and updated regularly. If people aren’t following a process, even after training, the process itself is likely to be the problem.
Incident response plan
An incident response plan should be put in place to ensure both employees and management know what to do during the initial phases of a cyber-attack. Firstly, preventative security should be used to prepare the business before an attack occurs. Secondly, businesses should attempt to contain the risk of the attack escalating before executing their full incident response plan. Lastly, businesses must adapt after the attack, using their existing resources to rebuild a stronger infrastructure.