New Haven Register (New Haven, CT)
Check your cyberattack response steps
With the Russian invasion in Ukraine continuing to lead the daily news and as sanctions by the United States against Russia escalate, acts of cyberterrorism against businesses in this country are highly likely.
In fact, in a statement issued to the nation on March 21, President Biden called this “a critical moment to accelerate our work to improve domestic cybersecurity.”
In light of this potential threat, the Department of Homeland Security has issued a Shields Up guidance for all organizations — regardless of size — to adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.
The time for hypervigilance is now. Ransomware is becoming increasingly sophisticated and can cost companies millions of dollars in a matter of minutes, data breaches can impact millions of consumers or compromise years of research, and banking fraud enabled by these attacks diverts millions of dollars. As such, businesses should ramp up testing and assessment of their cybersecurity programs and protocols to help secure their systems.
Consider these three response steps in the unfortunate event of a cyberattack — be it phishing, malware or ransomware:
Stop
Determine what happened or what is happening and what you must do to lock down your systems to stop the attack from spreading.
Notify your legal counsel, insurance carrier and the proper authorities.
Cease any financial transactions until they are validated and you are confident they are secure.
Quickly inventory all resources and organize your response team.
Think
Assess the nature and impact of the attack to determine its full scope and the extent of what was taken, damaged or compromised.
Affirm the actions you take do not compromise forensic evidence and the ability to fully investigate the compromise.
Attempt to determine the motivation for the cyberattack — money, trade secrets, reputation, etc.
Act
Establish your response and corporate level of risk tolerance (i.e., if ransomware, should you pay the ransom or risk stolen information being posted on the dark web).
Deploy lockdown and risk mitigation processes.
Develop a communication strategy that includes internal personnel, clients, and the general market.
Conduct a full forensic analysis of how the attack happened and why.
Organizations must focus on every aspect of cybersecurity to help protect their business and avoid becoming a victim. From creating processes to utilizing high-end technology and educating employees about the dangers of “random clicking” — every one of these boxes must be checked to build a cybersecurity program that can help protect your organization.