top of page

Cyber preparedness and response work hand-in-hand

By Brian Robb

Here are three main areas of preparedness companies should focus on to successfully recover from any cyber event.

Cyber preparedness and response work hand-in-hand
Planning for all cyber risks is important, but in making a defense strategy, it is crucial for companies to expect to be a victim of a ransomware attack, even if it seems unlikely. (Photo by Getty Images)

When an organization is alerted that it has been the victim of a cyberattack, time is of the essence. The next few steps could either quickly secure the company from further damage or dig a deeper hole towards destruction.

While cybersecurity continues to challenge organizations across all industries and of all sizes, it is important for leaders to turn their attention to both preparedness and response. These two work hand-in-hand, and oftentimes, the cornerstone of a successful cyber incident response is anchored in preparedness.

There is a stark difference in the response to various types of cyber events. For example, a data breach response has a different path towards recovery than a ransomware one. Overcoming a data breach can typically focus on notification of those impacted while closing the point of entry of the hacker and pivoting to credit monitoring. Meanwhile, responding to a ransomware event will likely involve forensic investigation, remediation, and restoration/recovery efforts involving system backups. No matter which path is taken, it is nearly impossible to have an effective response without adequate preparedness.

Three areas of focus to strengthen resilience

Now is the time to get prepared. When looking ahead to the remainder of 2021, ransomware is showing to be one of the greatest cyber risks. Ransomware events are on the rise and are not expected to slow down in 2021 — in frequency or complexity — according to the Sophos 2021 Threat Report. While planning for all cyber risks is important, it is crucial for companies to expect to be a victim of a ransomware attack, even if they think it is extremely unlikely.

To successfully recover from any cyber event, a company’s focus should be on these three areas of preparedness.

No. 1: Technical

Ensure the organization has the proper security controls in place to identify and defend against an attacker. Putting security controls in place, such as next-generation anti-virus, endpoint detection responses and firewalls, can often reduce the impact of an attack. Additionally, proactively segmenting a company’s system can help with response and recovery time, as the attacker will likely be unable to take down the entire system in one attack.

No. 2: Response

Once a company realizes it has had a cyberattack, the first steps should be clearly laid out – who to call, who to alert, and how to triage the situation. To ensure all areas are covered and considered, it is important to have a prepared, detailed list that will smoothly lead to a quick recovery process. For example, privacy counsel, forensics and an insurance carrier should be a few of the calls early on. Companies can then turn their heads towards recovery and restoration of systems and resuming business operations. All of these steps take detailed planning to ensure careful execution.

No. 3: Testing

One of the most critical steps in planning is in testing. By testing response plans, organizations can clearly see where the areas of improvement might be in the recovery process. It will show the consequences of poorly planned steps and reactions — those that could lead to more damage, more expenses and more business interruption. Proper testing of response plans can shed light on whether a company’s planning efforts will be successful or catastrophic to its operations.

While most people know the basics of what can happen with a cyberattack, the details of the threat — like all aspects of cybersecurity — are constantly evolving. The tools, tactics and procedures used by attackers continue to change. A well thought out, planned and prepared response is key. Know your organization’s strong points as well as its shortfalls, ensuring its preparedness is as strong as its response.


Original article shared here:

Proudly offering Michigan Cyber Liability Insurance in Northville, Ann Arbor, Canton, Detroit, Dearborn Heights, Garden City, Farmington, Farmington Hills, Inkster, Livonia, Novi, South Lyon, Southfield, Redford, Wayne, Westland, Wixom, Ypsilanti, Pittsfield, & Scio Township, Michigan.

670 Griswold Street #100 Northville, MI 48167

                     (248) 349-1122

  • Grey LinkedIn Icon
  • Grey Google Places Icon

CA License: 0G47886

We use cookies to personalize and enhance your experience on our site.  Visit our Privacy Policy to learn more. By using our site, you agree to our use of cookies, as well as our Privacy Policy and Terms of use.

I'm a paragraph. Click here to add your own text and edit me. It's easy.

I'm a paragraph. Click here to add your own text and edit me. It's easy.

bottom of page