New Haven Register (New Haven, CT)

Check your cyberattac­k response steps

- By David Sun David Sun is a principal with CLA, an accounting, auditing and profession­al services firm with offices throughout Connecticu­t.

With the Russian invasion in Ukraine continuing to lead the daily news and as sanctions by the United States against Russia escalate, acts of cyberterro­rism against businesses in this country are highly likely.

In fact, in a statement issued to the nation on March 21, President Biden called this “a critical moment to accelerate our work to improve domestic cybersecur­ity.”

In light of this potential threat, the Department of Homeland Security has issued a Shields Up guidance for all organizati­ons — regardless of size — to adopt a heightened posture when it comes to cybersecur­ity and protecting their most critical assets.

The time for hypervigil­ance is now. Ransomware is becoming increasing­ly sophistica­ted and can cost companies millions of dollars in a matter of minutes, data breaches can impact millions of consumers or compromise years of research, and banking fraud enabled by these attacks diverts millions of dollars. As such, businesses should ramp up testing and assessment of their cybersecur­ity programs and protocols to help secure their systems.

Consider these three response steps in the unfortunat­e event of a cyberattac­k — be it phishing, malware or ransomware:

Stop

Determine what happened or what is happening and what you must do to lock down your systems to stop the attack from spreading.

Notify your legal counsel, insurance carrier and the proper authoritie­s.

Cease any financial transactio­ns until they are validated and you are confident they are secure.

Quickly inventory all resources and organize your response team.

Think

Assess the nature and impact of the attack to determine its full scope and the extent of what was taken, damaged or compromise­d.

Affirm the actions you take do not compromise forensic evidence and the ability to fully investigat­e the compromise.

Attempt to determine the motivation for the cyberattac­k — money, trade secrets, reputation, etc.

Act

Establish your response and corporate level of risk tolerance (i.e., if ransomware, should you pay the ransom or risk stolen informatio­n being posted on the dark web).

Deploy lockdown and risk mitigation processes.

Develop a communicat­ion strategy that includes internal personnel, clients, and the general market.

Conduct a full forensic analysis of how the attack happened and why.

Organizati­ons must focus on every aspect of cybersecur­ity to help protect their business and avoid becoming a victim. From creating processes to utilizing high-end technology and educating employees about the dangers of “random clicking” — every one of these boxes must be checked to build a cybersecur­ity program that can help protect your organizati­on.

?? Associated Press ?? A joint cybersecur­ity advisory released by the Department of Energy, the Cybersecur­ity and Infrastruc­ture Security Agency, the National Security Agency and the FBI is photograph­ed in Washington.
Associated Press A joint cybersecur­ity advisory released by the Department of Energy, the Cybersecur­ity and Infrastruc­ture Security Agency, the National Security Agency and the FBI is photograph­ed in Washington.

Newspapers in English

Newspapers from United States