Would you pay a ransom?
In the event of a cyber attack, business leaders need to make critical decisions under extreme pressure. Sharpening your crisis decision-making skills could be the difference between success and failure.
As the leader of CyberCX’s incident response team, Nick Klein (left) advises boards and executives across many industries on how to prevent a cyber assault and how to be prepared for when the attackers get through your defences. With more than 20 years of experience tackling cybercrime and major data breaches, including as a federal agent, Klein has clear insights on how to make good decisions in bad situations.
When you talk to executives and board directors about cybersecurity, what’s keeping them up at night?
Without a doubt, it’s the threat of ransomware. Just about every senior business leader has seen the headlines about cyber attacks and ransomware and thought: could that happen to us? Would we survive a cyber incident? Would we pay a ransom? These are important questions that leaders should consider before an attack occurs, with experienced professional guidance.
Is there any way for a business to be completely safe from a cyber attack?
Unfortunately, there is no “silver bullet” that can protect against all forms of cyber risk. Cyber threats are continually evolving. More of our work and personal lives are becoming reliant on connected technology so there will always be risk. But that risk can certainly be managed.
What are the most effective ways to reduce cyber risk?
Building resilience into your organisation is crucial. A big part of that is understanding the sorts of critical decisions you will face if an attacker manages to breach your defences. Improving your cyber maturity and having a framework for decision-making can go a long way to mitigating the risk of a worst-case scenario.
When an organisation does experience a cyber incident, what factors make them more likely to successfully recover?
Businesses that invest time and effort in preparing for a cyber incident invariably manage real-life crises much better, recover quicker and generally have more successful outcomes. Regular attack simulation exercises, based on real-life threat intelligence, provide both technical teams and senior executives with excellent learning experiences but without the destructive consequences of a real-life attack. And they’re far more cost-effective than paying a ransom.
Learn more at cybercx.com.au/resilience