CYBER ATTACKS - FIGHTING THE INVISIBLE ENEMY
When it comes to Risk and Business Continuity the traditional focus on fire, flood and theft has now been replaced with a less visible, but highly destructive threat in the form of cyber-crime, viruses and attacks on business's data and I.T. environments.
Five years ago almost every business had their traditional IT systems and programs sitting separately from their communication technologies - such as their PBX's, conference calls, outbound and inbound phone lines. Today it is more likely that these services sit within the traditional IT infrastructure. On paper this offers huge benefits but has one major flaw; when a cyber-attack hits, it's no longer just internet access, computers and servers that are compromised. All communication channels are vulnerable. In many situations the only option is to go dark and take everything off-line, resulting in no emails, no internet access, no incoming or outgoing phone calls, no conference calls with clients. A business's ability to communicate internally with its own employees, and with the outside world is significantly impacted.
BUSINESS CONTINUITY DURING CYBER ATTACK
As specialists in integrated communications and infrastructure for some of the top firms in The City, managing their global communications, we have supported firms through potentially catastrophic cyber attacks.
Here are our top ten tips on maintaining business should you be subject to cyber attacks or data breaches:
1. Protect your brand at all costs. Perception is reality.
It is unacceptable for a customer focused firm to be unavailable for any length of time.
Being able to demonstrate that regardless of the situation, you are open for business and capable of maintaining high service levels builds trust, customer loyalty and professional respect.
2. Enable your teams to focus on the crisis.
When a crisis hits, you will require total focus, concentrated effort and coordinated teamwork to survive. Create space and mitigate risk by ring-fencing the front line experience. Triaging internal services, information updates and escalation requests engenders an atmosphere of uninterrupted calm and control, and puts you back on the front foot.
3. Provide a serviced virtual meeting place for stakeholders
Continuous communication is the single most important factor during a crisis. An easy-to-use voice conference room that can be accessed at any time is key. A managed audio conferencing service can facilitate requests to ensure agility and fluidity as the situation develops.
4. Keep your staff informed. Duty of care is essential
Defined, well-rehearsed communication channels minimise confusion and insecurity amongst stakeholders and staff. It is vital to have access to up-to-date stakeholder and staff contact lists for consistent communications (e.g. text, email, voice, hotline).
These comms can be invoked through a managed service in the cloud.
5. Ensure access to your knowledge asset
Having an external switchboard provider that understands your processes could enable you to maintain access to key information and business services even during a crisis, ensuring ongoing efficiency and information flow
6. Keep your IT help desk functioning 24/7
Minimising confusion as a crisis unfolds is vital. Getting and keeping key IT capability up and working is a pivotal step to achieve this. Ensuring clear lines open to your IT help desk gives your workforce assurance that the situation is under control. Using a triage capability to answer calls and service requests; fact find, prioritise and escalate - enabling your own IT staff to focus on the higher level problems.
7. Provide your staff with the right tools for remote working
By providing alternative, company sanctioned and network independent communication tools, staff can stay productive rather than having to second guess
the company's risk, security or compliance regime. A BYOD (bring-your-own-device) technology that's simple to use and allows easy billing will encourage staff to continue communicating.
8. Think Global
For global corporates a cyber-attack could mean that all world-wide communication becomes disrupted. Do you have a global resilience plan in place for communication? Is it tested around your key risks and invoked on a regular basis?
9. Create strong supply chain relationships
When a crisis hits, relationships with key operational suppliers become even more important. Maintaining strong connections with the right people in these organisations will help ensure your problem is prioritised. Share your BCP plans with your supply chain and include them in your scenario planning.
10. Protect new business opportunities.
Industry statistics show that up to 55% of switchboard calls to professionals service firms are existing or new business calls. A crisis hits customer confidence and keeping lines open to answer questions, escalate requests or give advice will ensure your customers do not seek out new suppliers
Cyber security is now considered a vital part of any business continuity plan, helping keep the threat minimised with proactive solutions. If it's something you’re considering and would like some guidance talk to our team.