CYBER CRISIS MANAGEMENT PLAN: A NECESSITY
A cyber security incident is a crisis scenario that every organization is vulnerable to. It is almost impossible to protect the business 100% from cyberattacks, but we can create an effective incident response plan that instructs our IT team on how to respond to an attack. Effective crisis management is not the same as cyber incident response. A computer incident could be, for example, a malware infection or an application/network disruption involving limited information disclosure, and it can be handled by the incident response plan. For such an incident, only a notification may need to be provided to the CIO/CISO. A cyber crisis is a more serious incident that has the potential to cause significant financial loss or brand reputation damage, and the company’s top management (CEO, COO, CFO, CIO, CISO) must be involved.
IT (Information Technology) systems are vulnerable to different types of threats from a variety of sources, such as natural disasters, human error, and hacker attacks. The disruptions caused by these threats range from minor, such as a short power outage or a hard disk drive failure, to severe, such as equipment destruction, fire, or a hacked online database. Crisis management planning includes the steps to recover IT services from an emergency or system disruption.
The Crisis Management Plan and BCP/DR are interrelated but distinct. The DR plan details the procedures and steps to recover from a disaster.
Business Continuity Plan = Crisis Management Plan + DR Plan
Cyber Crisis lifecycle: Pre-Crisis phase, Crisis phase and Post-Crisis phase.
Crisis Detection: Detection information may come from external sources, such as a customer complaint, a regulator complaint, or any other third party, and also from internal sources such as the helpdesk team and the team engaged for the “Security Incident Management Procedure”.
Pre-Crisis phase: This includes 24x7 monitoring; identifying and creating a crisis team, a group of people working across the business who will be responsible for the strategy and for seeing it through; appointing an expert, media-trained spokesperson to be interviewed; and identifying employees, shareholders, stakeholders, the public, partners and the media.
Communication templates for breach notifications should be ready, for example for GDPR.
Templates of statements for customers, business partners, media and external agencies should be prepared.
For the banking sector, RBI guidelines should be followed.
Crisis phase: Management must be prepared to communicate, as needed, across all media, including social media, in ways that assure stakeholders that the organization’s response is equal to the situation, through the right channels and via the crisis team, before rumor, incorrect information or negative reactions start to propagate. Staying silent is not a good step: people and stakeholders may assume that something is wrong or being hidden, and the organization’s brand reputation can be damaged.
The organization needs to know whether there was any failure on its part due to a lack of control in its systems, processes, policies or technology. As the situation demands, apologizing or accepting some responsibility is not a wrong step. The recovery strategy can be explained in brief. The government or law and order department should be informed according to the severity of the crisis and the company’s guidelines.
The organization needs to determine the affected stakeholders and, if any data is exposed, what data has been exposed and the impact of this. If personally identifiable information (PII) was involved, the steps required by data privacy law have to be followed. Communication templates for breach notifications should be used as required by applicable privacy laws, for example GDPR.
Post-Crisis phase: During this phase, companies take the opportunity to look back and reflect. They carry out deep analysis and investigation, including RCA (Root Cause Analysis) to find the root cause, which helps them change their policies and procedures and take preventive action against the next crisis. It is also a learning exercise for the company. A lessons-learnt database must be created.
Post-crisis, the organization should stay in touch with the media and different stakeholders to rebuild relationships and trust. If you’ve handled the crisis well, there should be latent trust and credibility that you can build on.
CHALLENGES FOR CYBER CRISIS MANAGEMENT PLAN:
1. The company’s top management lacks understanding of its role and responsibility in case of a cyber crisis.
2. The communication plan and a trained media spokesperson are not defined.
3. There are no guidelines on when to communicate with the government law and order department.
4. The cyber crisis management plan has never been exercised or tested.
5. Templates of statements for customers, business partners, media and external agencies are not prepared.
6. Either there is no insurance coverage for a cyber crisis, or its T&C are not clearly defined.
MOST VULNERABLE INDUSTRIES FOR CYBER ATTACKS IN INDIA:
* Banking & Financial
* Power industry
* Manufacturing Industry