The urgent need to protect yourselves now, plus free assessment tool
April 2022: Larry Lafferty, CEO of Group Salus – a CRJ Partner – introduces a four-part series on cybersecurity for small to medium-sized enterprises and offers a free assessment tool to CRJ readers.
The invasion of Ukraine has brought fears that Russian actors will mount intensive cyberattacks on Western countries, including businesses, governmental organisations and other targets. The Russians may be coming for our computer systems, and small and medium-sized enterprises (SMEs) are highly vulnerable to such attacks.
According to the Ponemon Institute (2016), 55 per cent of small to mid-sized businesses have experienced an attack and experts say nearly 60 per cent of SMEs go out of business within six months of a cyberattack. Yet, according to Ponemon, only 14 per cent of SMEs say they are adequately prepared for an attack.
A separate survey of SMEs by Group Salus in 2020 found that nearly half of the businesses that reported cyber incidents lost an average of $200,000 each. You can see the Group Salus survey here.
In addition to taking measures to prevent a cyber incident, SMEs also need to be ready to respond if they are attacked. Some contend that it’s not a matter of if they will be attacked, but when.
There are four steps SMEs can take to develop and execute a cyber incident response. First, they need to determine their Readiness to respond, then they need to build a Response Plan for a cyber incident. Next, SMEs will use the plan to Prepare for an incident and finally, if needed, Execute the response. In a four-part blog series, we will take a deeper dive into each step, starting with Readiness.
Readiness begins by conducting a cyber incident response risk assessment. The day an incident occurs is not the time to wonder what to do. The assessment helps SMEs understand what they need in order to be ready, identify the resources they already have in place and those they still need to secure in order to conduct an effective response to an incident. A good assessment will follow the 5Ps of crisis management: Protocol; People; Plan; Preparation; and Practise.
Under Protocol, the assessment determines whether SMEs have in place a good system to judge the magnitude of a potential cyber incident. Most organisations use a colour-based protocol with ‘green’ being of little to no impact and ‘red’ representing an incident that could cause significant financial and reputational harm to an organisation. There are specific response steps an organisation will take based on the protocol.
Under People, the assessment determines if an SME has identified a response team and outlined the roles they would play in an actual incident. Plan investigates if a response plan exists and then walks the SMEs through a process to help them create one.
Preparation looks at the actual resources of an SME, such as customer lists in case customers need to be notified, contacts at regulatory organisations that may need to be alerted, communications templates for customers, employees and (if the incident becomes widely known to the public) the media, and more. Finally, Practise helps SMEs determine whether they have the resources to rehearse their response consistently using simulated incidents.
The assessment is then graded and scored to determine an organisation’s readiness to respond. Group Salus, which has developed a cloud-based solution, called PreTector, to help SMEs respond to cyber incidents, offers an assessment free of charge to Crisis Response Journal readers. You can get a copy of it here and fill in the contact information on the survey and submit it. We will score it and return it to you.
Next in this series will be: Plan. In the meantime, for more information about how Group Salus can help small to medium sized enterprises, click here