Security Management

Are you incident ready?

Author: Phillip Davies
Blog Hero 3

With a 350% increase in phishing targeting employees and growth in ransom and malware is your incident response and communications plan ready? Does everybody know their role and potential scenarios we might face?

In our experience most business that do have an incident response plan but have never tested it. We are engaging with clients regularly helping them update their incident response plans, ensuring communications is embedded, so that when they do fall victim to an attack, that they are prepared and switch quickly to bus as usual, responding quickly and effectively. Various studies out there suggest it is now more likely than not that most business will be hit with a cyber-attack at least once over the next two years. Time to review your plans?

This week four US hospitals reported being affected by ransomware. One of them, St. Lawrence was hit. A day later the FBI warned hospitals nationwide of more impending attacks. This hot on the heels of the now infamous NotPetya ransomware attack and a US federal grand jury indicted six Russian Intelligence officers reported to be part of the Russian Security Services Covert operations Unit 74455, All six are now amongst the US most wanted and accused of a ransomware attack on the Maersk Group, paralysed shipping ports and causing over $300m in losses, as well as the $10bn of damage to FedEx, US Healthcare and Pharma.

October the UK Information Commissioner Office fined British Airways £20m following their 2018 data breach that affected 400,000 of BA’s customers. Were it not for the Government’s intervention due to the wide spread economic impact from COVID19 the fine would have been much larger, upwards of £180m. This is the largest fine the UK ICO has imposed to date. The regulator determined BA's should have had security plans in place to prevent the attack.


Recommended for you