Prepare for a cyber breach - top tips from experts
Source: OAK Consulting for eHosting DataFort , Author: Posted by BI-ME staff
Posted: Thu May 17, 2018 2:38 pm

UAE. Cloud computing, mobile usage, impending IoT implementations are all indicators of the higher risks involved in data breaches. Staying in a state of cyber security preparedness is crucial to any organization that relies on data which is critical to their business.

This is true for organizations of all sizes from governments, to large enterprise as well as smaller companies. And this also cuts across the range of businesses from banking, healthcare, retail, transport, oil & gas, education, etc.

Cyber incidents, according to the Online Trust Alliance (OTA) ‘2017 Cyber Incident & Breach Trend Report’ indicates that the numbers have doubled from around 82,000 incidents in 2016 to nearly 160,000 in 2017.

What it also indicates is that 93 percent of these occurrences could have been prevented. This brings to light the gravity of the situation where organizations must remain focused on their cyber security posture, processes and procedures.

The risks are growing in frequency as well as in the level of complexity. It is evident, that to curb the intensity of cyberattacks, companies must remain in a state of readiness to tackle targeted attacks. In such an event, it is important that they respond effectively to curtail data as well economic losses. 

Some of the basic aspects that need to be considered to ensure that organizations are prepared in the event of cyberattacks include:

Allocate proper budgets
Security comes at a cost. Be it hardware, software, constant upgrades, qualified staff, etc. –  each of these elements must be given their due importance and should be considered to ensure a robust security system. While some organizations opt to invest internally, many organizations today are looking to outsource their security needs to third party providers.

Understand your risk profile
The risk profile outlines a company’s known risks, policies and practices to guide how far you need to go and are willing to go to safeguard your assets and data. The most basic approach to understand your risk profile is to conduct information gathering exercise and rely on internal resources.
A more professional alternative that produces more extensive insights is to hire a consultant or solution provider to conduct an external audit of your Processes and Infrastructure.

Prepare an Incident Response plan
In case of a cyberattack, organizations must have an Incident Response plan to tackle the issue at hand effectively. The basic goals would involve the creation of a team that has clearly defined roles and responsibilities. It would also be important to preparing basic rules and instructions in advance, which  must be followed to minimize damage. And, in order for the information flow to reach out in a timely and organized manner, organizations must ensure that the right communication is shared at the most appropriate time across stakeholders including, employees, supply chain, customers, etc. to keep them abreast of the situation in hand as well as about the corrective measures underway.

Minimize downtime
Data is critical and is the engine of any business activity and it’s role and important therefore must be placed at very high level within the Organization. It’s safety and security should play an integral role in the overall management strategy. The objective of any IT team in the time of a cyber attack is to ensure that there is business continuity and the delivery of ongoing services. However, there must also be a strong consideration by the CEO and directors on a legal platform to ensure that their shareholders are not at risk. Therefore, minimizing downtime during an attack is central and can be dealt with the right Business Continuity and Disaster Recovery plans.

Remain proactive
Timely skills upgrades are very relevant in todays changing cybersecurity environment. Training and communication must be provided on a regular basis not just to the IT teams but across the spectrum of internal departments and customers. This will help in raising resiliency of the security for the entire organization.
In conclusion, develop a roadmap of your current security factors and prepare for future needs by bridging the gap with clearly defined objectives to be met within each growth phase. Following cybersecurity best practices is a necessity to negate cyberattacks.

Photo caption: Sachin Bhardwaj, eHosting DataFort, Director, Marketing & Business Development



date:Posted: March 20, 2019
UAE. The tale of an Argentinian teenager now shows that sleuthing for security holes in code can be a lucrative pursuit; He has come a long way since winning his first reward of US$50 in 2016.
date:Posted: March 20, 2019
UAE. For M&A activity in the chemical industry to continue to be strong, there will be headwinds for organizations to navigate in the coming year.
date:Posted: March 19, 2019
UAE. With traditional security models alone proving insufficient, Help AG is set to host its Security Spotlight Forum in the UAE this March to help enterprises understand and adopt the Zero-Trust approach.