In today’s digital world, cyber attacks are a constant threat against business and not simply its own network security, but also a company’s vendors. Data is the lifeblood of many organizations, making it a CEO’s worst nightmare for a company to fall prey to a cyber attack. And as most headline-grabbing data breaches demonstrate, many organizations fail to accurately prepare for and respond to cyber attacks—putting their customer relationships, reputation, and profits at risk.
The financial damage caused by a data breach is about $3.86 million per incident, according to the Ponemon Institute. Besides costs related to penalties and regulatory fines, data breaches take a significant toll on customer trust and loyalty. Research shows nearly seven in 10 consumers have boycotted (or would boycott) a company that did not protect their personal data.
So, what can companies do when faced with a debilitating cyber attack?
Kip James, a security industry veteran and Cyber Defense Magazine CISO of the Year, shares best practices around preparing for and responding to a cyber attack, along with tips for identifying the right partner to prevent further attacks.
What should companies do as soon as they learn they’ve been compromised?
First of all, companies tend to react without examining the problem. Rather than reacting without a strategy, you need to diagnose and trouble shoot the problem accurately and then make an informed decision of what your next steps should be.
What companies should also be doing is making sure they’re prepared before they’re hacked. Backing up data on a non-networked environment and testing at regular intervals will go a long way in preparing for the worst. The other critical elements are identifying the people, processes, and technology necessary to recover from an attack. An experienced partner can help by reviewing the strategy that’s in place [or lack thereof] and providing an outside view to identify the missing parts and weaknesses.
What should the company look for in a partner to provide cybersecurity protection?
First, you want to make sure the partner understands what your needs and your customer’s needs are to provide effective support. Also, make sure the partner has the right resources and technology to support those needs.
At TTEC, for example, we recently invested over $1 million in a highly secure platform for our customers’ data. That means we have the ability to protect and monitor the client’s environment, so that in the event that something out of the ordinary occurs, such as malware, we can quickly detect the abnormality and isolate it.
What’s your response to the fact that cyberthreats are constantly evolving? How can companies prepare for the unexpected?
Make sure you have an effective business continuity disaster recovery plan. That's the best assurance you could have to recover from an incident. Also, stay up to date on current cyber threats, make sure your technology is current—that includes patching your systems promptly when new patches come out—and conduct tests regularly.
And realize the dangers of cutting corners. I’ve seen buyers settle for the cheapest standard antivirus software they can find, leaving the business exposed. That’s why we’ve invested in technology that is more advanced than traditional antivirus solutions, because we understand how important it is to protect our customers.
In some data breaches, it was reported that the weakest link was an employee who inadvertently downloaded a virus or fell for some other trap. What’s your advice for preventing human errors like those?
My advice is to make sure employees are educated on how to protect themselves [from cyber attacks] and how to identify what is a risk versus not a risk and to provide regular updates. That’s also why you want a partner who values your data as much as you do—if not more. TTEC, for example, conducts mandatory annual employee security testing on data handling and data protection, in addition to utilizing technology-based security protocols.
What’s the key takeaway for surviving a cyber attack?
The key takeaway is that every organization should assume it’s a target for a data breach. However, proactively identifying the people, processes, and technology critical to preventing an attack as well as recovering from one will determine whether the company sinks or thrives.