The role of cybersecurity in business continuity

Drawing on his 25 years of experience, Mo Ahddoud, CEO, Chameleon Cyber Consultants assesses the cost of cybersecurity breaches and outlines the best ways to take action.

Traditionally, business continuity has focused on maintaining operations during a catastrophic event such as a natural disaster, a fire or a disease outbreak.

But, the rapid acceleration of digital transformation and widespread adoption of work-from-home policies means the risks posed by cybersecurity breaches are among the greatest faced by businesses today.

From preventative measures to what to do in the event of an attack, and how to recover afterwards, this article acts as a checklist for businesses wanting to ensure they’ve adequately considered cyber in their continuity planning.

The prevalence of cyber-attacks

Why are cyber-attacks such a dangerous new threat? To put it simply, data is often a business’s most valuable asset. We live in a world of information and cyber-criminals know the disruption that losing anything from confidential customer information to sales tracking can cause.

While not every business is being targeted by cyber-criminals, those that are often experienced attacks on a regular basis. 39% of UK businesses identified a cyber-attack in the last 12 months, with 31% of companies estimating they were targeted at least once a week.

Given how likely cyber-attackers are to strike repeatedly once they’ve targeted a business, it’s important that organisations make cybersecurity a central feature of their business continuity plans. Cleaning up the mess each time it happens isn’t going to be enough.

The cost of cyber-attacks on businesses

Cyber-attacks can have a devastating impact on any organisation, but particularly small and medium-sized businesses, which often lack the resources to bounce back from such incidents.

First, there’s the lost revenue. Business downtime is likely to be one of the biggest expenses associated with a breach. If your operations are mainly online, each day your systems are down will drastically affect your revenue.

Next, there’s the cost of remedying damage caused by an attack. It could take a team of security consultants days or even weeks to fix a breach, depending on how sophisticated it is. I’ve seen remediation take up to 40 days in some organisations! You’ll also need to ensure you’re better protected from future attacks, which may mean hiring more security experts to identify and resolve vulnerabilities.

Finally, there may well be legal fees associated with data breaches, particularly if the breach means that an organisation fails in its data protection responsibilities under jurisdiction like GDPR.

All of this means that your business may need to stump up thousands to fix a cyber-attack. While the average estimated cost of cyber-attacks in the UK is £4,200, a global study found median losses to be $28,129. If you haven’t planned ahead to mitigate the damage, the costs are likely to be far greater.

Of course, a cyber-attack can also result in reputational damage. This is harder to put a price on, but, in some cases, it can be fatal for a business—especially if it’s smaller and less established.

How should businesses plan for a cyber-breach?

In order to minimise lost revenue and reputational damage, it’s vital that businesses plan for cyber-attacks as they do for other threats.

By ensuring IT security specialists work closely with your business continuity experts, you can devise a robust, company-wide strategy for dealing with cyber-breaches, enabling every department within your business to respond quickly and effectively if cyber criminals strike. Here’s what that strategy should include:

Preventative measures

Start by making sure your business is doing all it can to prevent cyber-attacks from happening in the first place. Here are some essential safeguards: Switch on your firewall; activate robust antivirus software; educate staff on threats and control what software they can download; keep all devices updated; transfer files using secure cloud storage rather than USB drives and memory sticks; back up your data regularly; continuously monitor your systems and keep on top of the latest GDPR compliance; have a major cyber IR plan that links into your DR plan.

Undertake a business impact assessment

Some cyber-attacks are more severe than others and a single breach can affect departments differently. A business impact analysis (BIA) identifies potential cybersecurity risks, then measures the impact they may have on each team in your organisation. It considers the impact on operations, finances and reputation.

Conducting a BIA gives staff a greater understanding of what to expect in a breach, enabling them to respond quickly and minimise lost revenue. It’s an important part of any business continuity plan.

Understand third party risks

If a key service provider has a systems outage and can’t deliver, what will be the impact on your business? The last two years have seen a constant wave of global supply chain disruptions and the increased threat of cyber-attacks is among the greatest challenges. So it’s important to assess how your business would respond to supply chain risks and aim to reduce dependence on individual suppliers.

Develop an incident response plan

The threat from cyber criminals changes all the time – they’re always looking for new ways to attack businesses. Even the most advanced preventative measures won’t guarantee that your company is safe.

Your organisation needs to be prepared for the worst, which means having an incident response plan that’s reviewed and updated regularly. It should contain:

• Staff actions, roles and responsibilities in the event of cyber-attacks
• An outline of the issues that need to be addressed within the first 48 hours
• An emergency communications plan to keep all stakeholders (including customers and clients) up-to-date on the latest developments
• Plans for cloud continuity, so data can be accessed without any interruptions
• Details of your cyber insurance policy, which covers your business from loss of revenue

Perform regular testing

To check your incident response plans are fit for purpose, you should test them regularly. This should involve tabletop exercises, practice crisis communications, walk-throughs and emergency enactments.

Set up post-incident reporting

If a cyber-attack hits your business, it’s vital you learn lessons to reduce the chances of it happening again. There are three things to consider: Who carried out the attack and are they still a threat to your company?; How effective were your defences and could they be improved?; If you had to respond to the incident again, what would you do differently?

Throughout the reporting process, it’s essential to create an open and honest environment and encourage a ‘no blame’ culture, rather than singling out individuals. After all, the responsibility for cyber-breaches sits at an organisational level.

Cybersecurity has a key role to play in business continuity

Cyber-attacks happen frequently and can lead to significant losses in revenue, as well as reputational damage. It’s the responsibility of business leaders to make cybersecurity a key part of their organisation’s continuity plan. By being aware of the risks, taking measures to prevent cyber-attacks and planning what to do in the event of a breach, you can minimise disruption to your services and protect your key stakeholders – including your employees and customers.

At Chameleon Cyber Consultants, we help businesses build cyber into their strategic planning from the board level down. To find out more about how we can help your organisation, visit: www.chameleoncyberconsultants.com