CYBER CRISIS MANAGEMENT
A click on a malicious link, any unwanted services open, using any obsolete OS can be much more catastrophic for the organisation beyond one’s imagination and can lead to cyber crisis.
So what exactly Cyber Crisis is?
Cyber crisis is a situation of compromise, disruption or breach for the organisation’s critical information systems and data which is often known as Cyber Security Incident but these are beyond just incidents which can impact the reputation, financial outcomes and sometimes end up facing huge penalties.
Few of the Cyber Crisis situations are
- Breach in networks
- Credit card data or health data stolen
- Personal data compromise
- Denial of services
- Website crash
- Email hacking
- Zero day attack
Few of the very famous Examples of worldwide Cyber Crisis are:
WannaCry: In 2017 this ransom ware infected computers and encrypted content of hard drives and demanded ransom in order to decrypt the same. Many organisations suffered by this attack.
NonPetya:This is again a ransomware started phishing spam in 2016 which affected master boot record. It has also impacted many organisation having the vulnerabilities.
How to Develop Cyber Crisis Response Capabilities
- Identification of the key stakeholders at executive level from legal, finance, IT, Information Security and Physical Security and formulate a Crisis Management Team (CMT).
- Roles and responsibilities of each stakeholder shall be clearly defined, documented and communicated.
- Identify different scenarios of crisis and evaluate all the aspect by performing “What if” analysis and prepare responses accordingly for all the possible scenario. Organisation can take help of internal and external stakeholders as well as some expert consultants for this.
- Procedures for communication during any cyber shall be prepared according to different compliances pertaining to the organisation. These shall be readily available in case of contingency.
- Communication plans for external stakeholders, customers, media and external agencies shall be prepared.
- All the responsible stakeholders shall be trained and evaluated by performing drills or table top exercises on regular intervals.
- Identification of forensics experts within the organisation or some expert external agency like CERT for performing forensics and malware analysis to check the degree of damage done by incident.
- Last but not the least have someone who can handle the media for PR and as well as negotiate in case on ransomware.
Cyber Crisis is just like any other Information Security Incident, which can become a disaster if not addressed properly and diligently at right time. Cyber crisis can lead to huge penalties and business loss.
Cyber Crisis has following impacts:
- Damage to company reputation and brand image
- Loss of sensitive data and intellectual property
- Loss in business opportunities
- Cost of replacing the systems.
- Penalties from regulatory bodies or contractual compensation
List of few known Cyber Threats
- Trojan Horses
In a nutshell Cyber Crisis Management Plan help the organisation to manage post crisis chaos. When everything is defined and everyone is trained to handle the adverse situation like cyber crisis it becomes much easier to resume business operations. Sometimes few situations are unavoidable even after having a robust system in place, CCMP help the organisations to deal in such situations and thus helpful in Business Continuity purpose.