
Review case studies

Another key way to prepare your organization for a full-blown cyber crisis is to review case studies on how cyber attacks have impacted other organizations. Learn the lessons they have learned and then consider how those scenarios could have been worse.

Exercise these scenarios to see how your organization would respond. What if a power outage hadn’t occurred in Ghana at the same time as the NotPetya attack on Maersk (an outage that preserved a clean copy of their domain controller data)? What if a second ransomware attack hits you shortly after the first?

2. Operational, Tactical and Strategic Teams should prepare together

The second big problem that I see many organizations struggle with is the cooperation between Operational, Tactical and Strategic teams. A cyber crisis like a ransomware attack requires a coordinated response from across the organization.

This is a challenge, because organizations are not responding regularly to cyber crisis events (thankfully!). This means that technical and strategic teams rarely interact in such scenarios. Even when performing crisis exercises, these teams usually exercise independently and rarely simultaneously.

In practice, I often see that even if they do exercise at the same time, technical teams sometimes find it difficult to relay information in a concise, non-technical way for strategic teams to understand and base their decisions on.

Making sure that your response processes at operational level align with tactical and strategic responses is key for effective coordination. To make this possible, it is important to exercise these processes across all layers of the organization simultaneously. That is the only way to determine their effectiveness, and it requires practice.

Conclusion

In my job as Senior Cyber Crisis Consultant, I see that many organizations still underestimate the preparation required to ensure an effective response to cyber crises. I believe all organizations should prepare more consciously and thoroughly for severe cyber incidents that ‘will never happen’. You should prepare for those incidents in exercises with Operational, Tactical and Strategic teams together.

Cyber crisis management is no longer just a checkmark on your compliance list, but a condition to survive.

Why choose Bureau Veritas Cybersecurity?

Bureau Veritas Cybersecurity is your expert partner in cybersecurity. We help organizations identify risks, strengthen their defenses and comply with cybersecurity standards and regulations. Our services cover people, processes and technology, from awareness training and social engineering to security consulting, compliance and penetration testing.

We operate in IT, OT and IoT environments, supporting both digital systems and connected products. With more than 300 cybersecurity professionals worldwide, we combine deep technical expertise with a global presence. Bureau Veritas Cybersecurity is part of the Bureau Veritas Group, a world leader in testing, inspection and certification.