Many governing boards over the past year have had presentations and discussions about cyber security but most look at it as an unlikely event.

However, it is no longer a question of whether a company will suffer a cyber breach or a phishing/ransomware attack, but when it will occur. Actual cyber breaches get little publicity because most organizations do not want to talk about them, but they should, in order to share experiences and possibly put a stop to these serious situations.

I consult and I’m on a number of boards where I advise the directors to have a plan that includes the 10 steps outlined below to prepare for a cyber attack. I advise them to assume that hacking/phishing/ransom incidents are going to be successful and the goal is to limit the damage and recover more quickly.

The 10 recommended steps to get ready for a cyber attack

1. Have a decision-making process in place

Develop a decision-making process for cyber security issues, including the process for authorizing a ransom payment and how, and which, executives and Board members are involved in the decision. Then document the process and make sure that everyone involved is familiar with it.

2. Prepare a communication plan

This is very important, as it specifies who will be notified of the breach, in what manner and when. It should also cover how the Board and staff will be kept up to date. Have both internal and external communication plans ready, with different messages depending on the issue. Develop an alert process that can text all employees at once with a specific alert. Create an email list unconnected to the organization’s email system so that employees involved in the recovery can communicate with each other when the corporate email system is unavailable.

3. Set up a process for Bitcoin purchase

Many ransomware attacks hold your systems hostage until a ransom is paid to the attackers in Bitcoin. Rather than scrambling to obtain the crypto-currency when it happens, be ready ahead of time. Opening a Bitcoin account and getting enough smartphones ready to receive the bitcoins (there is a limit on the amount of bitcoins a smartphone is authorized to receive on its first use) is time-consuming and is better done ahead of time. Also, anticipate a service fee of around 10 per cent.

4. Set up a firewall and antivirus system review

Have an internal and then an external review to ensure that all anti-virus software and firewalls are up to date, then conduct an intrusion test (also known as a penetration test, or pen test) at least semi-annually and report the results to the Board and senior management.

5. Practice business procedures with computers being unavailable

Determine how business will be conducted if all the computers are unavailable or if data is encrypted and not accessible. Best practice is to adjust the business continuity plan to accommodate up to two weeks of partial technology unavailability while data is decrypted. Better yet, have backups of your critical data ready to be restored at a moment’s notice.

6. Prioritize the process of recovering systems

A cyber attack may result in all data and applications being encrypted. Once the decryption key becomes available, it is good to have a process in place to determine which systems need to be recovered first: e.g. does payroll go before the financial system and email?

7. Develop a policy on data retention

This is important because the more emails and files staff keep, the longer recovery will take. If the policy specifies how much data and email should be retained, the recovery process will be faster.

8. Focus on regular application and data backup processes

Backup and recovery procedures need to be examined from both a security and an efficiency perspective. For example, determine whether your backups would be compromised by such an attack. Online external links should be well protected, especially online backups. Separate the backup data from the corporate data so that there is no online bridge between them.

9. Get the experts in ahead of time

Identify and engage a cyber security specialist ahead of time, both to provide an assessment of the present environment and to be called on when an incident occurs. You will receive better support if the expert is already familiar with the technology environment.

10. Preventive measures

There are a number of preventive measures that can be taken to mitigate intrusion. These include:

  • Board and senior management educational sessions on cyber security and a review of the organizational readiness for such occurrences.
  • All staff to participate in quarterly educational sessions on technology security and cyber security.
  • Contractors and staff re-sign the Confidentiality Agreement and Computer Use Policy, which addresses cyber security, as part of the annual performance appraisal.

As the saying goes, you can never be too rich or too thin, and you can never be totally prepared for a cyber attack, but you can mitigate it so that it has less impact on your business.

Jim Love, Chief Content Officer, IT World Canada
Catherine Aczel Boivie
Dr. Catherine Aczel Boivie is a widely respected executive with over 30 years of experience in leadership roles advancing the value of information technology as a business and education enabler. Prior executive roles include: CEO of Inventure Solutions and Senior Vice President of Information Technology/Facility Management for Vancity Credit Union; SVP of IT and Chief Information Officer at Pacific Blue Cross and at the Canadian Automobile Association of British Columbia. Catherine is also an experienced board member serving on several boards, including those of the Commissioner for Complaints for Telecom-television Services, the Canada Foundation for Innovation and MedicAlert Canada. Dr. Boivie is the founding Chair and President of the Chief Information Officers (CIO) Association of Canada, which has over 400 Chief Information Officers as members across Canada. She has been publicly recognized for her contributions, including being named one of Canada's top 100 most powerful women by the Women's Executive Network in the "Trailblazers and Trendsetters" category and receiving the Queen Elizabeth Diamond Jubilee medal for being a "catalyst for technology transformation".