CYBER CRISIS MANAGEMENT
A click on a malicious link, any unwanted services open, using any obsolete OS can be much more catastrophic for the organisation beyond one’s imagination and can lead to cyber crisis.
So what exactly Cyber Crisis is?
Cyber crisis is a situation of compromise, disruption or breach for the organisation’s critical information systems and data which is often known as Cyber Security Incident but these are beyond just incidents which can impact the reputation, financial outcomes and sometimes end up facing huge penalties.
Few of the Cyber Crisis situations are
- Breach in networks
- Credit card data or health data stolen
- Personal data compromise
- Denial of services
- Website crash
- Email hacking
- Zero day attack
Few of the very famous Examples of worldwide Cyber Crisis are:
WannaCry: In 2017 this ransom ware infected computers and encrypted content of hard drives and demanded ransom in order to decrypt the same. Many organisations suffered by this attack.
NonPetya:This is again a ransomware started phishing spam in 2016 which affected master boot record. It has also impacted many organisation having the vulnerabilities.
How to Develop Cyber Crisis Response Capabilities
- Identification of the key stakeholders at executive level from legal, finance, IT, Information Security and Physical Security and formulate a Crisis Management Team (CMT).
- Roles and responsibilities of each stakeholder shall be clearly defined, documented and communicated.
- Identify different scenarios of crisis and evaluate all the aspect by performing “What if” analysis and prepare responses accordingly for all the possible scenario. Organisation can take help of internal and external stakeholders as well as some expert consultants for this.
- Procedures for communication during any cyber shall be prepared according to different compliances pertaining to the organisation. These shall be readily available in case of contingency.
- Communication plans for external stakeholders, customers, media and external agencies shall be prepared.
- All the responsible stakeholders shall be trained and evaluated by performing drills or table top exercises on regular intervals.
- Identification of forensics experts within the organisation or some expert external agency like CERT for performing forensics and malware analysis to check the degree of damage done by incident.
- Last but not the least have someone who can handle the media for PR and as well as negotiate in case on ransomware.
Cyber Crisis is just like any other Information Security Incident, which can become a disaster if not addressed properly and diligently at right time. Cyber crisis can lead to huge penalties and business loss.
Cyber Crisis has following impacts:
- Damage to company reputation and brand image
- Loss of sensitive data and intellectual property
- Loss in business opportunities
- Cost of replacing the systems.
- Penalties from regulatory bodies or contractual compensation
List of few known Cyber Threats
- Trojan Horses
In a nutshell Cyber Crisis Management Plan help the organisation to manage post crisis chaos. When everything is defined and everyone is trained to handle the adverse situation like cyber crisis it becomes much easier to resume business operations. Sometimes few situations are unavoidable even after having a robust system in place, CCMP help the organisations to deal in such situations and thus helpful in Business Continuity purpose.
- Change happens through Excellence and Endurance of Leadership 6,500 km on Cycle: Mumbai to Ho Chi Minh City January 12, 2020
- WHY CYBER SECURITY TRAINING AND AWARENESS SHOULD BE NECESSARY FOR TOP MANAGEMENT? January 12, 2020
- INFORMATION SECURITY-KNOW WHAT COMPLIANCE YOUR ORGANIZATION NEED December 30, 2019
- HOW CEH Certification can add VALUE to your RESUME December 2, 2019
- HOW SOCIAL ENGINEERING IS USED IN PERSONAL INFORMATION STEALING? December 1, 2019
- CYBER SECURITY WORKSHOPS: AN EFFECTIVE WAY TO UNDERSTAND CYBER RISKS FOR BEGINNERS AND PROFESSIONALS November 17, 2019
- CYBER SECURITY CERTIFICATIONS FOR BEGINNERS November 3, 2019
- WHAT SHOULD I DO TO MAKE MY CAREER INTO INFORMATION SECURITY? October 14, 2019
- IS CYBER SECURITY A GOOD CAREER OPTION? October 6, 2019
- WHY BUSINESS CONTINUITY MANAGEMENT IS SO IMPORTANT FOR IT SERVICE PROVIDERS September 29, 2019
- CYBER SECURITY MUST KNOWS FOR CLOUD SERVICE PROVIDERS September 23, 2019
- DIGITAL MARKETERS SHOULD KNOW ABOUT CYBER SECURITY September 13, 2019
- Cyber Security Challenges Faced by Fintech Start-ups September 3, 2019
- HIPAA COMPLIANCE A NECESSITY FOR HEALTH CARE SECTOR August 27, 2019
- 7 Things I Learned Growing A YouTube Channel From 20k Views To 4 Million Views In 6 Months August 26, 2019
- COMMON CYBER SECURITY THREATS August 20, 2019
- CYBER CRISIS MANAGEMENT (So what exactly Cyber Crisis is?) August 10, 2019
- INFORMATION TECHNOLOGY (IT) RISK MANAGEMENT July 27, 2019
- 10 Tips For Cheap Travel Around The World July 9, 2019
- Is it Possible to Grow a Large Startup Team in a Coworking Space ? April 16, 2019
- Clinical Diagnosis, The contemporary, hands-on and real-time analysis April 11, 2019
- Do you wish to multiply your income? March 22, 2019
- Factors to Consider When Choosing a Right Coworking Space March 20, 2019
- How Digital Marketing can help to market co-working space February 25, 2019
- All you need to know about the August Google Panda Update February 5, 2019
- BOOK ON COMPLETE Text OF AMENDED SECTIONS AMENDED BY THE CENTRAL AND INTEGRATED GOODS AND SERVICES TAX (AMENDMENT) ACT, 2018 January 30, 2019
- The Future of Co-working: More than just WiFi and Desk January 29, 2019