How can businesses defend themselves and plan to get ready in a worst case scenario? This article will discuss the steps businesses can take to get prepared.
Let’s explore some best practices when preparing to manage a cyber attack at your location(s) or within your network. There are ways to save the day with the proper preparation and communication:
Plan for the Worst
Of course, you don’t want to get negative, but if you don’t consider every worst-case scenario, you may be depriving yourself of a solid and comprehensive plan.
Assess all your risks in advance. Here’s how: simply brainstorm and make a list of all the ways a cyber attack could topple all you’ve worked for. This can range from jeopardizing your reputation to social media backlash to providing misinformation to people who would normally trust you and depend on you.
Once your list is made, don’t stop there. Ask people in the know, like your IT staff, of other ways that a cyber attack can cause trouble and add all additional suggestions to the list. Once you have this list complete, you can start taking the steps toward proper cyber attack management.
Assemble a Cross-Functional Team
You may not be able to handle all the post-cyber attack damage on your own. It’s good to have a team -- if not an army -- behind you to help you smooth things over and make things right. Here are a few steps to create that team:
Appoint a leader for each type of cyber attack situation.
This leader should be experienced in the circumstances and results of each attack; for instance, an IT person for tech-related attacks, an HR person for an attack that may affect your staff.
Keep your PR/Marketing team on standby.
Long before an attack happens, your public relations and marketing team should be aware of your worst-case-scenario list, and have a plan in place for dealing with the situation, be it press releases, mass notification messages pre-written and approved in advance, and social media posts (written in advance) that address the situation honestly and effectively.
Put your legal team on alert.
A cyber attack may involve legal issues and even lawsuits. Your legal team should have a copy of your worst-case scenario list. Take a meeting with them and find how they would handle each situation.
Consider a crisis manager.
Crisis managers do this for a living, and offer strategies and solutions that may be worth your investment. Be honest with yourself if you are up to handling every aspect of cyber attack management -- or if you may need to bring in a professional to help.
Stop up the holes.
Your plan -- and the execution of it -- may not be perfect in its first draft. You’ll want to review it along with your staff and any other professionals you bring on board. Look for weak links and soft spots.
Determine the Type of Attack
There are many types of cyber attacks, and the energy and motives that move them along are complex. However, here are a few common situations:
- Malware: also known as viruses, worms, and spyware. This type of attack is harmful in that it can capture, disrupt or alter your sensitive information.
- Phishing: the communication (often an email or text) looks like it’s officially coming from you, but it’s created to steal sensitive information or to install malware on the victim’s device.
- Ransomware: this type of attack can come from phishing emails or bad downloads. It’s aim is to hold you and your computer hostage until you pay them a hefty ransom.
- Bots: bot is short for “robot;” it’s a non-human entity that is often (but not always) created to inflict damage on your computer. Because they are not human they can be created and recreated and able to flood the cyberverse.
- Man-in-the-middle attack (MitM): the attackers “listen in” on a two-party transaction, such as a purchase. This often happens on unsecured public Wi-Fi, and the victim unknowingly passes information -- like credit card number -- to the attacker. Once the attacker is “in,” he can install malware and continue to listen in and steal from the victim.
- Password attack: obtaining passwords may be the easiest way for a hacker or cybercriminal to get to work. Some victims are easier to steal from than others -- guessing children’s or spouses names can work -- or working through a network to obtain unencrypted passwords can open up the opportunity for a cyber attack.
Find out about other types of cyber attacks here.
Secure Your Network
Work with your IT department or hire an IT professional to help you accomplish these goals and protections:
- Get tools: there are numbers of high-quality software protections against cyber attack, which can automatically block malicious software looking to do you harm. Protection can include:
- Anti-virus software
- Perform daily system scans: once you have a protection plan in place, it may not protect you forever. Malicious software is constantly evolving so that it can trip up the system you have. Be sure to automatically scan for trouble daily.
- Pay attention to system updates and upgrades: when you get an official announcement that your system needs to be updated or upgraded, follow the steps immediately. If you’re left behind, new cyber attack attempts can be much easier for criminals.
- Take advantage of your firewall: a firewall is just that, a wall that will burn anyone trying to enter your system without permission. Find out how your firewall works and that it is operating correctly.
- Constantly back up your data: invest in a backup solution that will protect your data from getting lost, stolen, or corrupted.
- Invest in cyber security education. Make sure your staff is well-versed in the dangers and consequences of a cyber attack.
- Be careful of emails and Internet scams: if you don’t recognize a link, email or text, don’t open it. That could be the cyber attack that’s trying to get into your system and hoping you’ll be naive enough to let it happen.
- Consider cyber attack insurance: some insurance companies actually do insure for cyber attacks and loss of sensitive data. They may also offer services for protection and recovery before, during and after a cyber attack incident.
- Use strong passwords and consistently replace them: make it a habit to use passwords that are not easily decipherable. Never write down your passwords, or keep them near your computer. Update your password every 60-90 days.
Report and Investigate
A cyber crime/attack is no small thing. In fact, what happens to you will interest the FBI, and they get deeply involved. The FBI considers cyber intrusions a serious threat, as threatening as attacks by other criminals and terrorists. The FBI’s Cyber Division wants to hear about your incident, and you don’t want to be shy about letting the public know that the FBI is on the case.
Click here to find out more about how to report your incident to the FBI and how they will investigate.
Inform Your Audiences (Customers, Media)
In the event of a cyber attack, you will want to inform the public about it right away. Never attempt to sweep it under the rug, ignore it, or keep it a secret. Informing your audience -- as well as your staff, customers and media -- shows that you are transparent and trustworthy (unlike your hackers) and that you are showing your concern.
This is the time to have the most precisely crafted message -- from the right person in your organization -- to be ready to go. If you have crafted your message ahead of time, there should be very little editing you should have to do other than a few minor tweaks, clarifications and updates.
The very first message after a cyber attack is critical. When informing your audience, be sure to use language that sounds human. Remember to be apologetic, even if you are certain that the breach was not your fault or a result of being careless.
The Centers for Disease Control and Prevention actually lists a content strategy that can easily apply to a cyber attack situation:
- First, express empathy by acknowledging the feelings and emotions surrounding the event. Example: “I understand that this is a trying time for the people experiencing this.”
- Give facts and answers right away, as long as they are officially confirmed. You may not want to scare people with unconfirmed reports.
- Tell your audience what you know and do not know about the cyber attack at the present time. This may prevent rumors or suspicions that could cause havoc. You also do not want to give the impression that you are withholding information.
- Reassure your audience that you are committed to keeping everyone updated and informed throughout the emergency, and into the recovery.
- Direct people to where they can find more information, such as a website, physical location, or phone number.
Repair Customer Issues
Cyber crime can result in lost sales, damaged reputations and furious customers. It can also result in your business shutting down while repairs are made and customer issues are addressed. Make customer service the top priority after a cyber attack. Do what you can to right whatever the cybercriminals wronged, including full refunds, new merchandise or checking in with them to make sure they are okay. It’s this kind of customer service -- going the extra mile -- that most customers will remember long after the cyber attack and its effects have receded.
Unfortunately, cyber attacks are not going away anytime soon. As a business owner, your best defense is to be proactive and to prepare for the worst-case scenario ahead of time. A cyber attack can happen to anyone or any business; how you respond and deal with the situation will go a long way in strengthening your reputation and future business. Show your customers, staff, clients and the general public that you are well prepared in advance to best deal with a cyber attack, and are forthcoming and transparent in your handling of the situation.