Responding to cyber attacks

By Anthony Fisk

Every day, businesses are attacked by cyber criminals looking to steal data for the purposes of financial gain, corporate espionage or general business disruption.

Smaller businesses, with fewer resources available for online security, are generally more vulnerable to cyber attacks. Bank accounts, email systems and business devices, including computers and mobiles, are just a few of the critical business assets that face compromise.

According to a survey by the Australian Cyber Security Centre (ACSC), 62 per cent of small business respondents had experienced a cyber security incident in the last year. In fact, the ACSC receives one report of cybercrime every 10 minutes.

This vulnerability has been further exposed in recent months as businesses responded to the coronavirus challenge. Cyber criminals took advantage of new security weaknesses that emerged as employees started working remotely – often using shared computers over insecure home networks.

Despite the obvious threat, many small businesses aren’t prepared for the impact of a cyber attack. If your customers’ sensitive financial and personal data is lost to a third party, what can you do to limit the reputational damage to your organisation resulting from such a breach?

The first step should always be preparation. Cyber breaches can happen quickly, so consider putting an incident response plan in place to respond to an attack or data breach. The plan covers your immediate reaction, which should include determining what type of attack has occurred and how to protect remaining data.

The second part of your plan should focus on communicating during the crisis and maintaining your reputation over the longer term. As part of this, you should acknowledge and plan for the deviations that occur in real scenarios, and prepare draft responses for them to minimise problems arising from rushed decision-making.

Last week, my colleague described the 3 C’s of crisis management. Showing care, control and commitment provides the basis for all crisis communication. When it comes to a cyber breach, here are some tips on how to put these principles into action:

  1. Obtain information first – when hearing about personal data breaches, your customers are likely to assume the worst, so be clear about what was compromised (or be genuine and tell people you don’t know)
  2. Disclose what you know openly – assume everything is discoverable so don’t withhold key details
  3. Convey accurate information about the breach – don’t make claims about the “sophistication” of the attack without clear evidence
  4. Use unambiguous and clear messaging – and if you are providing technical advice, ensure it is specific and actionable
  5. Communicate quickly and frequently – use all the channels available at your disposal including staff, email, web, social media and messaging apps, and make sure the messaging is consistent
  6. Take ownership of the breach – this is customer data that was entrusted to you; don’t play the victim
  7. Understand and admit the problem – explain what happened and how you plan to fix the problem
  8. Understand the true value of personal data – ensure your apology is genuine and empathetic

Of course, you want to avoid a cyber attack ever happening to you. If your business handles personal or sensitive information, you must be particularly careful about how it is protected. For further advice and practical tips visit www.cyber.gov.au

And for help with planning and preparation for crisis situations, including cyber breaches, please contact the team at CGM Communications.
