Organizations invest significant time and resources into creating a reputable image and earning public esteem. One mishandled breach incident can severely damage years of goodwill. The fallout can be long lasting, unpredictable and hard to control.
Cybercriminals and hacktivists know how valuable customer and partner relationships are to brands of all types, and increasingly target and exploit reputation and trust angles in their attack strategies.
As cyber-related fraud reaches record levels, a new Pew Research Center study shows consumer concerns about data security and loss of privacy are at an all-time high. Hospitals, schools and banks—supposedly safe havens—fall prey to ransomware and DDoS attacks. Substantiated reports of foreign interference in government elections, legal affairs, and journalism further violate the public trust. Companies now have to work harder to build confidence, reassure customers, and communicate securely—even if they haven’t been directly attacked.
In addition to tarnishing brand reputation, data breaches are increasingly expensive; notification and restitution requirements, regulatory fines, lawsuits, and sudden drops in sales or stock prices add up to a hefty hit to the bottom line. Small-to-midsize businesses in particular are often unable to recover.
Even large enterprises can sustain lasting damage: the string of record-breaking Yahoo breaches is an ongoing case study in the repercussions of poor incident response, insufficient remediation, and loss of public trust.
Cyber Resilience is Critical
Frankly, every organization, no matter their size, must assume they will eventually incur severe impacts from unpredictable cyber threats. Planning for resilient incident response in the aftermath of a breach is imperative. Traditional risk management is insufficient.
It’s important to learn from the cautionary tales of past breaches, not only to build better defenses, but also better responses. Business, government, and personal security are now so interconnected, resilience is important to withstanding direct attacks as well as the ripple effects that pass through interdependent systems.
I strongly urge organizations to establish a crisis management plan that includes the formation of a Cyber Resilience Team. This team, made up of experienced security professionals, should be charged with thoroughly investigating each incident and ensuring that all relevant players communicate effectively. This is the only way a comprehensive and collaborative recovery plan can be implemented in a timely fashion.
Today’s most cyber-resilient organizations are appointing a coordinator, such as a director of cyber security or a chief digital officer, to oversee security operations and to apprise the board of its related responsibilities. The new legal aspects of doing business in cyberspace put more pressure on the board and C-suite.
For example, an enterprise that cannot prove compliance with HIPAA regulations could incur significant damages even in the absence of a breach, or face more severe penalties after a successful attack.
Next Steps
Moving forward, enterprise risk management must build on a foundation of preparedness to create risk resilience by evaluating threat vectors from a position of business acceptability and risk profiling. Cybersecurity chiefs must drive collaboration across the entire enterprise, bringing business and marketing needs into alignment with IT strategy.
IT must transform the security conversation so it will resonate with leading decision-makers while also supporting the organization’s business objectives. Leading the enterprise to a position of readiness, resilience and responsiveness is the surest way to secure mission-critical assets and protect people.
A robust data breach response includes developing a plan, regular scenario planning, taking decisive action and managing the message. These actions will involve a wide range of internal stakeholders, and may involve the services of external crisis management and media experts.
Once a breach happens, swift decision-making requires accurate data. Simply put, organizations of all sizes need to take stock now in order to ensure that they are fully prepared and engaged to deal with today’s ever-emerging security challenges.
Businesses that develop a deeply rooted culture of security are most likely to be resilient and competitive in the face of ongoing threats and challenges. As the players, targets and stakes shift in response to geopolitical and financial forces, leadership must remain watchful. This includes keeping up on trends and emerging threats, drawing lessons from incidents at other companies, reassessing plans and priorities and collaborating closely with security experts.
So, consider implementing these to better prepare yourself:
- Re-assess the risks to your organization and its information from the inside out. Operate on the assumption that your organization is a target and will be breached.
- Revise cyber security arrangements: implement a cyber-resilience team and rehearse your recovery plan.
- Focus on the basics: people and technology
- Prepare for the future: to minimize risk and brand damage, be proactive about security in every business initiative.