Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.
It’s not the data breach, it’s how you respond to it that defines the success of your cyber resilience strategy
In 2019, the Australian Bureau of Statistics reported that about 10% of Australian businesses had experienced a cybersecurity incident in the past year.
With our increased dependence on digital workflows, the danger from cyber breaches is far bigger than fire, flood or other disasters. Despite this, far too many businesses do not have formal risk management plans in place for responding to cyber breaches.
Having the right technology and cyber resilience measures in place is just the start. The real test of your cyber initiatives comes down to how you respond to a crisis. Let’s take a look at what you can do to make sure you’re not blindsided by an unforeseen cyber incident.
1. Breaches will happen - make sure you’re prepared
While cybersecurity insurance is always a good idea, smart organisations also keep a Data Breach Response Plan on hand. A clear plan with clear accountabilities will save you a lot of grief and protect you from the worst of the fallout from a breach. It’ll save you time, money and resources while giving you more wriggle room to mitigate the damage and disruption breaches can leave in their wake.
2. Act fast, but not too fast
Cyber breaches tend to strike without warning, and you need to act quickly to contain, prevent, remediate and investigate a cyber breach. But the nature and scope of an incident may be unclear for days or weeks. With mounting pressure to respond, leaders may need to act without having all the information they need. It’s important to avoid knee-jerk reactions and take a measured response when communicating to stakeholders, your customers and the public at large.
4. Get independent IT forensics on the case
Bringing independent IT forensic experts on board can greatly boost your credibility with customers, regulators and others. If they come through your legal team, all the better: their reports will be protected by legal professional privilege against potential claimants.
5. Be careful about what you say
You’ll need specifically tailored communications for internal and external stakeholders, so make sure those messages are produced in collaboration with your leadership team, comms team, PR partners and legal team as needed. Enlisting their help early on will make sure you don’t expose yourself to unnecessary liabilities or reputational damage.
6. Make sure to comply with regulations
Governments are quickly updating cybersecurity regulations, which means you will need to quickly find out what types of data have been affected, and which laws apply to you. Changes to Australia’s Privacy Act mean that organisations are also subject to time limits, so make sure you comply with all relevant regulations and timelines.
7. Learn and improve
It is said that we learn from our mistakes, and this is especially true of cybersecurity incidents. Once the incident has been resolved, organisations should learn from what happened and review their Data Breach Response Plan, security arrangements and resilience capabilities accordingly.
To learn more about this topic, download our Whitepaper: Cyber Breaches: What Your Organisation Needs to Know and Do.