With ransomware attacks are on the rise, it’s never been more important for organisations to fight back – here’s how
CREDIT: This is an edited version of an article that originally appeared on Management Today
Cybersecurity should be at the forefront of every manager’s mind. But knowing what steps to take to protect yourself can be tricky. Below are six steps to get you started.
Understand your cyber risks and weak points
Cyberattackers will carry out extensive research on their targets to understand their weakness, so there’s no reason you should not do the same: understand your weak points, reinforce them and use that knowledge to inform your plans to respond to an attack.
Invest in prudent cybersecurity and keep software up to date
A lot of cyberattacks don’t need that much effort. Many of us are using systems that are out of date and have well-known security issues that are basically an open door to a cyberattack. Keeping them updated closes that door.
Investing in cybersecurity that is prudent for the size of your organisation and your level of risk is another basic step. Some cybersecurity companies, for example, will run test attacks on your systems, which can help identify weaknesses in security and help staff understand what to look for.
Train staff
You can have all the systems in the world, but staff are the first and most important line of defence. If they do not understand cyber risks, it is only a matter of time before someone opens an email they shouldn’t. Training staff and regularly refreshing the content with them will help keep your workplace safe and keep their personal devices safe too.
Have off-network back-ups and secure sensitive information
The most catastrophic attacks happen where back-ups are encrypted or non-existent. Regularly saving to a back-up of the network can ensure that you have the ability to restore encrypted or stolen data. If you handle highly-sensitive information, look at how best to store that data to prevent it from being stolen and leaked.
Have a plan for when you are attacked
Many of the experts Management Today talked to said it was a matter of “when, not if”, that a company will suffer a cyberattack. Having a plan with clear lines of accountability and decision-making means you will have a guide of what to do in those confusing and terrifying first few hours.
Having that plan and key staff contact details available off the network, for example in paper form, might help avoid the challenges Norsk Hydro faced.
Get insurance coverage
Having an insurance policy that covers cyberattacks and responds to the risks your organisation faces helps avoid catastrophic losses. A good insurer will support companies during and after an attack, linking them to external expertise to get systems online again.
Be the first to comment