What Should You Do If Your Business Is Hacked? (£)

Uploaded on 2016-04-11 in Directors Reports

Unfortunately hacking is now part of the current culture and around 85% of businesses worldwide have been hacked in one form or many.

Most Boards have decided not to discuss these issues outside of their security, computer, IT or Board rooms and believe that the PR issues involved are more damaging than the actual attacks themselves and they have decided to keep the issues media quite.

Much as this might make sense to the Directors of banks, consultancies, insurance businesses and retail operations, to name only a few, the issues should be broadened internally in order to engage with potential solutions that cross security boundaries.

Over half of CIOs interviewed say that they have reported a large increase in hacks in 2015 and that they do not yet see this decreasing. But of course reporting this to the Board is not positive and often there is a mistaken belief that therefore the CIO and CSO are to blame within the organisation and so the IT Management has reduced the number of times that they report cyber incidents to the senior management as they do not want to put their jobs at risk.

For instance the retailer, Target in 2013 was attacked by a memory-only Trojan, then the hackers stole over 40 million credit card numbers, phone numbers, addresses and security codes. Trojan computing is malicious software that is delivered by appearing to be a normal attachment to an email where information is asked, for it to be filled in, or new information downloaded.

This of course is only one recorded incident of many and it is important to understand from your own industry point of view what the current attacks are like and what specialists say are the best ways of reducing risk and acting if an attack happens.

Currently, in the US, healthcare, financial services and higher education sectors are particularly vulnerable to data breaches. These attacks were caused by malware or hacks. 

And so what should you do as part of the Board – first you should discuss these issues more broadly and gradually get into the detail once you have also done some background research, concerning the areas of business that you are involved in, and where the hacking attacks are most likely to focus upon.

Form a cyber comprehension club/department and get employees and Directors and management from different parts of the organisation to take part. Discuss the ways in which systems in your industry get attacked, experience theft and shutdowns and what the best methods for security that are currently being used.

Clarity of the issues and discussion of the required and potential security initiatives would significantly help to reduce the potential of attack and the effects and resolutions once attacks take place.

« Islamic State Recruits Indian Hackers
Ukraine - More Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Westminster eForum

Westminster eForum

Wesrtminster eForum runs a series of conferences on matters relating to the UKs Digital Strategy. Topics include Smart Cities and Cyber Security.

Mondo

Mondo

Mondo is the largest national staffing agency specializing exclusively in high-end, niche IT, Tech, and Digital Marketing talent. Areas of expertise include Cybersecurity.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Pryv

Pryv

Pryv is a Swissmade software for privacy, personal data collection, usage, sharing and storage.

Sequretek

Sequretek

Sequretek was formed with the aim to “Simplify Security”. We envision a future where enterprise networks are streamlined, secure and simple.

Arqit Quantum

Arqit Quantum

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

Citadel Cyber Security

Citadel Cyber Security

Citadel is a leading 'One Stop Shop' provider of consulting services in cyber and information security. Our experts operate in hundreds of business organizations in Israel and around the world.

Trusted Technologies and Solutions (TTS)

Trusted Technologies and Solutions (TTS)

TTS is a security consulting company specialised on business continuity and crisis management, information security management, information risk management and identity and access management.

FINX Capital

FINX Capital

FINX strives to solve the cybersecurity issues with its proprietary technolog, FINX SHIELD, by utilizing big data, blockchain combined with artificial intelligence.

Ruptura InfoSecurity

Ruptura InfoSecurity

Ruptura InfoSecurity provide CREST Accredited Penetration Testing & Offensive Security Services. We secure your critical assets through targeted and research driven penetration testing.

Somerville

Somerville

Somerville are a full service IT partner with over 40 years experience delivering exceptional service and value to our customers.

Disecto Technologies

Disecto Technologies

At Disecto, we provide SaaS based Data Discovery, Classification and a remediation solution for data privacy compliance.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.