What Should You Do If Your Business Is Hacked? (£)

Uploaded on 2016-04-11 in Directors Reports

Unfortunately hacking is now part of the current culture and around 85% of businesses worldwide have been hacked in one form or many.

Most Boards have decided not to discuss these issues outside of their security, computer, IT or Board rooms and believe that the PR issues involved are more damaging than the actual attacks themselves and they have decided to keep the issues media quite.

Much as this might make sense to the Directors of banks, consultancies, insurance businesses and retail operations, to name only a few, the issues should be broadened internally in order to engage with potential solutions that cross security boundaries.

Over half of CIOs interviewed say that they have reported a large increase in hacks in 2015 and that they do not yet see this decreasing. But of course reporting this to the Board is not positive and often there is a mistaken belief that therefore the CIO and CSO are to blame within the organisation and so the IT Management has reduced the number of times that they report cyber incidents to the senior management as they do not want to put their jobs at risk.

For instance the retailer, Target in 2013 was attacked by a memory-only Trojan, then the hackers stole over 40 million credit card numbers, phone numbers, addresses and security codes. Trojan computing is malicious software that is delivered by appearing to be a normal attachment to an email where information is asked, for it to be filled in, or new information downloaded.

This of course is only one recorded incident of many and it is important to understand from your own industry point of view what the current attacks are like and what specialists say are the best ways of reducing risk and acting if an attack happens.

Currently, in the US, healthcare, financial services and higher education sectors are particularly vulnerable to data breaches. These attacks were caused by malware or hacks. 

And so what should you do as part of the Board – first you should discuss these issues more broadly and gradually get into the detail once you have also done some background research, concerning the areas of business that you are involved in, and where the hacking attacks are most likely to focus upon.

Form a cyber comprehension club/department and get employees and Directors and management from different parts of the organisation to take part. Discuss the ways in which systems in your industry get attacked, experience theft and shutdowns and what the best methods for security that are currently being used.

Clarity of the issues and discussion of the required and potential security initiatives would significantly help to reduce the potential of attack and the effects and resolutions once attacks take place.

« Islamic State Recruits Indian Hackers
Ukraine - More Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Trustwave

Trustwave

Trustwave is a leader in managed detection and response (MDR), managed security services (MSS), consulting and professional services, database security, and email security.

Security Brokers

Security Brokers

Security Brokers focus services and solutions with a focus on strategic ICT Security and Cyber Defense issues.

Post-Quantum

Post-Quantum

Post-Quantum offer a unique, patented quantum-resistant encryption algorithm that can be applied to existing products and networks.

Inky Technology Corp

Inky Technology Corp

Inky® Phish Fence is an email protection gateway that uses sophisticated AI, machine learning and computer vision algorithms to block deep sea phishing attacks that get through every other system.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

EU Joint Research Centre

EU Joint Research Centre

JRC is the European Commission's science and knowledge service which employs scientists to carry out research in order to provide independent scientific advice and support to EU policy.

BTblock

BTblock

Blockchain and cybersecurity is a vital combination for Enterprise success. BTblock is a Force Multiplier for its clients.

Converge Technology Solutions

Converge Technology Solutions

Converge Technology Solutions Corp. is a North American IT solution provider delivering advanced analytics, cloud, cybersecurity, and managed services solutions.

Infosec Global

Infosec Global

Infosec Global provides technology innovation, thought leadership and expertise in cryptographic life-cycle management.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

LogicalTrust

LogicalTrust

LogicalTrust security testing specialists find the weakest points in your company and show you how to fix them step-by-step, as well as how to improve your security.

Cyber Coaching

Cyber Coaching

Cyber Coaching is a community for enhancing technical cyber skills, through unofficial certification training, cyber mentorship, and personalised occupational transition programs.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

BalkanID

BalkanID

BalkanID is an Identity governance solution that leverages data science to provide visibility into your SaaS & public cloud entitlement sprawl.

Vigilant Ops

Vigilant Ops

Vigilant Ops is a leader in Software Bill of Materials (SBOM) Automation. A proactive approach to cybersecurity with continuous vulnerability monitoring.