How to Navigate a Cyber Attack
Ciaran Rooney
In the final video of his series, Ciaran covers six useful steps that businesses should take in the event of a cyber attack. He also discusses how to protect your organisation against information breaches and the cybersecurity laws that help in this regard.
In the final video of his series, Ciaran covers six useful steps that businesses should take in the event of a cyber attack. He also discusses how to protect your organisation against information breaches and the cybersecurity laws that help in this regard.
How to Navigate a Cyber Attack
17 mins 57 secs
In this digital age, with regards to the threat of a cyber attack, it is a case of when, not if. It is vital that we are prepared with robust steps in place to defend our systems and network in the event of a cyber attack.
Key learning objectives:
Understand the importance of having robust cybersecurity defences in place
Understand each of the six steps an organisation should take during a cyber attack
Why should we have defences in place even if there’s no imminent threat?
The increasing number of cyber attacks has made it imperative for organisations to plan for them, not just anticipate them. A report by the 2021 Cloudian Ransomware Victims found that almost half of the organisations surveyed that had suffered from a ransomware attack already had perimeter defences in place. This highlights the importance of having cybersecurity incident response (CIR), disaster recovery (DR), and business continuity plans (BCP) in place in advance, rather than trying to implement them during a security incident.
It is essential to note that planning for a cyber attack is not just the reserve of the Chief Technology Officer and security teams; it is also a Board level consideration. Board members and senior executives must be aware of how their organisation plans to respond in the event of a breach.
What are the six steps that businesses must take in the event of a cyber attack?
- Identify that an attack is taking place. Educating employees on what a cyber attack looks like is essential to early detection. Employees should be able to identify and report suspicious activity, such as pop-ups indicating malware infection, a slower-than-usual network, and suspicious emails
- Contain and isolate the breach to limit the scope and protect the parts of the system that may not have been compromised. If the attack is visible and an active process runs on one of the organisation's systems, the security team must stop that process immediately to protect other systems
- Evaluate and repair the damage caused by the attack. Damage assessment is central to working out what needs restoring and what resources are required to clean up the affected systems. It aims to analyse the extent of the incident, remediate any harm, and finally get the organisation back to normal operation
- Notify relevant authorities about the attack. If your organisation has been targeted, the chances are the cybercriminals responsible are using similar tactics to attack the systems of other organisations, too
- Communicate with those impacted outside the organisation. If cyber attacks are not well managed, and effectively communicated, it can hugely damage your organisation’s reputation and relationships. Customers value honesty and integrity when making them aware of a data breach
- Use the event to learn from mistakes. It’s essential to identify why the attack happened in the first place to prevent further attacks from happening in the future
There are no available videos from "Ciaran Rooney"