How do I develop a cyber incident response plan?

The two key ways businesses can ensure this happens are; • Have supporting ‘how-to’ guides in place. Having common scenarios documented gives teams access to information that provides more context to possible attacks. • Businesses should invest time in undertaking regular incident response exercises. This involves identifying likely incident scenarios and building exercises that test your business’s ability to manage them. This leads on to thinking about the people element of cyber security, and its impact on keeping an incident response plan alive within a business. When cyber-attacks occur there is real life experience which the learnings from can be built into the future of the plan. Alongside this is the need for teams to be keeping themselves abreast of what is happening within your industry sector regarding cyber security and cyber-attacks. The 2021 UK Government Cyber Security Breaches Survey shows that the most common response to any cyber-attack is to make technical changes. This could suggest that fully investigating the root cause of incidents, or preventing people causing issues again, is ignored. It is increasingly important to encourage proactive investment in protecting your business, as so often we see organisations only doing this post-attack to protect themselves in the future. Further to this, during and after an attack there would be a greater understanding of the situation and what is required of everyone in the organisation, so applying these lessons learned to the incident response plan ongoing is a key step. It’s important to remember that according to the 2021 X-Force Threat Intelligence Index from IBM, human error was a major contributing cause in 95% of all breaches reported in their research, so to continually invest in staff awareness around cyber security can bolster all other efforts in the business ahead of any attack. Lastly, never forget that Incident Management should have a recovery and learning focus and not be about blame.

Identifying and mitigating cyber security risks in your business

01/08/2022 Cyber insurance Alan Boswell Group

Speak directly to our team

01603 218000

Send an enquiry

In the third article of our series with Cyberscale, Darren Chapman talks us through the identification of cyber security risks and how you can mitigate the risk to your business.

How do cyber risks arise in a business?
How can businesses mitigate their cyber security risks?
The ultimate line of defence?

Building a cyber security strategy for your organisation needs to be approached pragmatically, with a focus on understanding the risks you face from cyber crime. It is highly likely, with the threat landscape being so broad and fast moving, that a cyber attack on your business will happen and will have a significant impact.

As a consequence of these ever-increasing threats, cyber insurance rates are soaring and are accompanied by higher policy excesses and requirements for policyholders to improve management of data and network security. If insurers consider these to be inadequate, cyber insurance is often unavailable.

It is key to ensure that your organisation is aware of what cyber risks you are exposed to, and to develop appropriate measures to mitigate them before an exposure becomes real. Beyond this, the risk appetite of an organisation should accept that there will always be a certain level of exposure present when operating, but having a robust response plan embedded in the organisation allows for swift action.

How do cyber risks arise in a business?

Risk presents itself when policies or processes are not adhered to. Statistics show that human error accounts for 82% of cyber breaches which includes social attacks, errors, and misuse; 62% of cyber breaches emanate from ‘threat actors’ purporting to be a genuine customer or supplier.

Protection from cyber attacks is often focused on securing IT systems, protecting devices, and tightening processes. Whilst these are vital elements of an effective security strategy, staff are a critical component of risk identification that must not be overlooked. Staff at all levels can present a significant risk for businesses both due to the increased likelihood of a vulnerability and the multiple ways in which their actions can lead to a breach.

A lot of time is invested in ensuring that internal or proprietary systems are kept as safe as possible from issues such as email compromise, phishing campaigns, and ransomware attacks, but all businesses operate within a supply chain that encompasses a wide range of systems providers enabling them to function effectively. By engaging with third parties an organisation is introducing additional risk to its operations. This is arguably unavoidable as the proliferation of third-party providers enables businesses to deliver their core services without the need to create these ’in-house’. But, this single point of access through an external provider to disrupt many is an attractive prospect for cyber criminals as they can, potentially, disrupt many businesses at the same time through one single attack.

How can businesses mitigate their cyber security risks?

It’s important to understand that cyber security risk management is an ongoing process and as many businesses do not have dedicated cyber security resource it can be useful to work with an experienced specialist who can conduct a security audit or assessment.

Once the risks have been clearly identified, they should be addressed in order of the potential severity of repercussions from a cyber attack; tackling them all at once is not a realistic approach. Mitigation of cyber security risks comes in many forms, which will evolve as the business and threat landscape do. Measures to take include:

Implementing a range of technical and systems solutions, including antivirus software, firewalls, a password manager, and multi-factor authentication.
Regular staff training on cyber security risks and procedures.
Ensuring that there is an incident response plan in place, that communication around risks and security is maintained, and regular reviews of security measures are conducted.
Review your supply chain exposures and the level of security they have in place.
Review website and infrastructure exposures.
Establish sensible security controls to make it easier to get cyber insurance and at the same time satisfy applicable contractual exposures such as intellectual property rights, confidentiality and GDPR requirements. This is to protect against liabilities, increased costs and loss of income and reputation.
Put in place business continuity arrangements, testing, and back-up provisions.
Ensure good cyber hygiene – Cyber Essentials, or similar certifications, demonstrates an organisation has appropriate security and defences in place to protect against common cyber-attacks and security breaches.
Monitor networks. Software solutions are available which will help to analyse data and identify threat patterns which will be automatically identified and removed to contain potential threats.
Regular testing of defence measures is important to maintain cyber security, the key to having confidence in the security of your systems is through regular ‘penetration testing’.

The ultimate line of defence?

Cyber insurance should be regarded as an important business tool. All businesses store, process, or manage data and insurance will provide essential protection from the ramifications of a cyber attack. Cyber insurance covers your business from the regulatory, financial, and reputational losses suffered from a cyber attack and works to restore your business to the position it was in prior to the loss. To discuss how cyber insurance can protect your business, contact us on 01603 218000.

CyberScale are a Cyber Security Consultancy and Training provider. They provide pragmatic IT Security and Data Protection for businesses throughout the UK. Cybersecurity and data protection can be confusing and hard to keep up with, especially without dedicated staff. CyberScale will translate threats and regulations into what’s relevant to your business, and explain everything in a clear, non-technical way. Cyber Security is complex so making it simple is key, so you can concentrate on running your business. To find out more, contact CyberScale on 01603 339550 or email [email protected].

Related products: Business Insurance Cyber Insurance

Business Insurance

Popular Products

Financial Advice

Business financial services

Risk Management

Popular Products

Personal Insurance

Popular Products

Financial Planning

Financial planning services

Landlords Insurance

Landlords insurance

Latest News

Identifying and mitigating cyber security risks in your business

Speak directly to our team

Business Insurance Enquiry

Contact Details

Enquiry Details

How do cyber risks arise in a business?

How can businesses mitigate their cyber security risks?

The ultimate line of defence?

Speak directly to our team

How do cyber risks arise in a business?

How can businesses mitigate their cyber security risks?

The ultimate line of defence?

Related articles