CYBER CRISIS MANAGEMENT PLAN: A NECESSITY
Cyber security incident is a crisis scenario that every organization is vulnerable to. It is almost impossible to protect the business 100% from cyberattacks, but we can create an effective incident response plan that instructs our IT team on how to respond to an attack. Effective crisis management is not the same as cyber incident response. A computer incident could refer to such as malware infection, Application/network disruption involved limited information disclosure and can be handled by incident response plan. Just an information may be provided to CIO/CISO for such incident. Cyber crisis refers to more serious incident that has potential to cause significant financial loss or brand reputation damage and company’s top management CEO, COO, CFO, CIO, CISO must be involved.
IT (Information Technology) systems are vulnerable to a different type of threats from a variety of sources such as natural disasters, human error, and hacker attacks. The disruptions due to these threats can be from short-time power outage, hard disk drive failure to severe like equipment destruction, fire, online database hacked. Crisis management planning include those steps to recover IT services from an emergency or system disruption.
Crisis Management Plan and BCP/DR are interrelated but distinct. DR details of procedures and steps to recover from a disaster.
Business Continuity Plan= Crisis Management Plan + DR Plan Cyber Crisis lifecycle: Pre-Crisis, Crisis phase and Post Crisis.
Crisis Detection: Detection information may come from external sources, such as – customer complaint, regulator complaint, and any other third party; and also from internal sources like helpdesk team and the team engaged for “Security Incident Management Procedure”.
Pre-Crisis Phase includes--- 24*7 monitoring, identifying and creating a crisis team – a group of people working across the business who will be responsible for the strategy and for seeing it through. Appointing expert media trained spokesperson to be interviewed. Identifying employees, shareholders, stakeholders, the public, partners and the media.
Communication templates for breach notifications should be ready, for example for GDPR.
Templates of statements for customers, business partners, media and external agencies should be prepared;
For Banking sector, RBI Guidelines should be followed.
Crisis phase: Management must be prepared to communicate, as needed, across all media, including social media, in ways that assure stakeholders that the organization’s response is equal to the situation, through the right channels and via the crisis team – before rumor, incorrect information or negative reactions start to propagate. Being silent is not a good step and people/stakeholder may think as something wrong/hidden thing and organization brand reputation can be damaged.
Need to know whether there was any failure on the part of the organization, either due to a lack of control in its systems, processes, policies or technology. As per situation demand, apology/ accepting some responsibility is not a wrong step. Recovery strategy with brief details can be explained. Govt or Law & order maintaining department should be informed as per the severity of crisis and as per company’s guidelines.
Need to determine the affected stakeholders and if any data is exposed than need to determine, what data has been exposed, and impact of this. If personally identifiable information (PII) was involved, steps have to follow as per data privacy legal rule. Communication templates for breach notifications should be used as required by applicable privacy laws, for example GDPR
During this phase, companies will take the opportunity to look back and reflect. They do the deep analysis and investigation, RCA (Root cause Analysis) to know the root cause, which helps them to change their policy/procedure, Preventive action for the next crisis. It’s a lesson learning also for the company. Lesson learnt database must be created.
Post-crisis, organization should be in touch with the media and different stakeholders to rebuild the relationship and trust. If you’ve handled the crisis well, there should be latent trust and credibility that you can build on.
CHALLENGES FOR CYBER CRISIS MANAGEMENT PLAN:
1. Company’s top management lacks understanding of their role & responsibility in case of Cyber Crisis.
2. Communication plan, trained media Spokesperson is not defined.
3. No guidelines when to communicate to Law & Order govt department,
4. Cyber Crisis Management plan never exercised/tested.
5. Templates of statements for customers, business partners, media and external agencies not prepared.
6. Either there is no insurance coverage for cyber crisis or it’s T&C not clearly defined.
MOST VULNERABLE INDUSTRY FOR CYBER ATTACK IN INDIA:
* Banking & Financial
* Power industry
* Manufacturing Industry
Accenture introduces myNav Green Cloud Advisor
Accenture has launched Green Cloud Advisor, a new capability for the Accenture myNav platf...
Citrix gains recognition for delivering Secure Remote Access Solutions
Citrix Systems has announced its being recognized among the most important and innovative...
Trend Micro announces 'Partner Ninja' Program for Channels at the Partner Day 2021
Trend Micro Incorporated recently held its virtual regional partner conference, Partn...
The post-pandemic world reshaping the security challenges
Plus, there are many advantages in storing data centrally and off-premise when it comes...
Dreamforce Everywhere: Salesforce Announces the First Global Dreamforce
Salesforce (NYSE: CRM), the global leader in CRM, today announced the first-ever global Dr...