Cyberattacks regularly rank as the top concern for many businesses and security teams, and for good reason. With the number of ransomware attacks soaring to a new high, and the average cost of an attack reaching the millions, everyone wants to be as prepared as possible.
That’s where crisis simulation comes in. TechRadar Pro recently joined Hack in the Box for a crisis simulation event to get some insight into how preparation can make or break an organization after an attack.
Given that industry and critical infrastructure are facing more cyberattacks than ever, everyone’s at risk - no one can stop the attacks from coming, but planning and response is key.
It pays to be prepared
Speaking to TechRadar Pro, Hack In The Box CEO Haris Pylarinos noted there is, "no organization that is unhackable."
“Everyone will experience a hack - it's all about how you handle it, how fast you find out about it, and how you treat your customers through the process”
Cyberattacks can have a devastating impact, and the rising cost of breaches isn’t just financial, as many affected firms see their reputation damaged following an incident. But this doesn’t have to be the case, Pylarinos notes.
“I don't believe that your reputation is damaged if you have been breached," he says, "Your reputation is damaged if you don't handle an incident well.”
There are lots of ways to prepare for an attack, especially enforcing a strong password policy, employing backups, and adopting robust threat monitoring - but cybersecurity training, like crisis simulation exercises, can help ensures staff understand the basics and consequences of incident response.
“Sometimes we neglect the operator (of security software)," Pylarinos notes. "First of all, you need skilled operators, then you need the tools to accompany them. Right now we are witnessing more investment in the human element, which is material to the cyber problem.”
You can’t stop the tide, so making sure your security team is well prepared is key. Alongside up to date antivirus and firewalls, what businesses need most is well prepared security teams - and that’s exactly what this simulation helps prepare for. Your business can have all the latest software, but if staff are under-prepared or panicked, your response will fall short.
Human error remains the number one challenge for cybersecurity teams in preventing attacks, so making sure all employees are prepared - not just security leaders - can avoid falling into the trap of being panicked into action.
“Working on security comes with a big chunk of stress - that's the job," says Pylarinos. "You have stress when there's an incident, (but) you're not just stressed, you are panicked. You use your panic to your advantage by working methodically towards a solution, obviously, especially on professionals. But it's a tough job."
All roads lead to ransom
Ransomware is pretty much the end goal in any cyber attack, but Standard Chartered Bank’s Benedict Peet told TechRadar Pro the vast majority of attacks don’t reach this stage.
“All attacks result in a ransomware attack. I've been in this role for six years, we've never had a ransomware attack, ever," he notes.
If an attack is dealt with quickly and calmly, damage can be mitigated. So what makes robust incident responses stand out?
“A fantastic incident response is one that's well managed, it's well trained, it's well tested, and it's got experience of real life incidents under its belt," Peet says. "Just a general incident response is where there's a framework in place, there's no testing, there's no planning, there's no experience."
Importantly, firms should consider transparency throughout the incident response process in order to maintain customer and business partner trust after an incident, Pylarinos says.
“Customers need to know - it's the least you can do for your customers and it’s not just customers, it’s employees. You ought to tell them what's going on, and you ought to tell them, I'm doing everything in my power to restore that.”
Low hanging fruit
One chronically overlooked aspect to keeping your organization secure, is making sure those you work with are also following the best security practices. Third party vendors come with a huge risk, Peet explains.
“If you want to get into a big organization you go through (vendors). You go for the low hanging fruit," he says, “Knowing and assessing your third-party vendors is vital. I can't stress anymore how looking at the supply chain and understanding the risk associated with them is so important."
Assessing third parties isn’t easy, and there’s a huge element of trust involved - but it's not something which can be neglected.
“It's very difficult," Peet adds. "We've got 14,000 vendors globally providing everything from uniforms in retail branches to large scale data centers. And you've got to have a scalable security questionnaire to ask them.”
To do this, you have to keep talking - ask questions, collaborate, and work with other security teams to make sure every organization is as safe as possible when facing cybercriminals.
As Peet says, “hat's the most important thing - effective communication.”
You might also like
- Check out our list of the best malware removal software around today
- Microsoft challenges you to hack its LLM email service
- We've also rounded up the best identity theft protection on offer right now
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
