Firms do smart things to help them become resilient. They create business continuity plans, cyber playbooks, terror playbooks, they employ mass notification and document sharing technology and then they take all this good stuff and do something really dumb. They put it in a real or metaphorical box marked ‘Crisis Use Only’.
“Have you tried turning it off and on again?” The iconic catchphrase from The IT Crowd struck a chord with misunderstood IT professionals everywhere, because in so many organisations the role of the IT department is misunderstood. Cyber security is often seen as something for “IT” to worry about, not sales, marketing, HR or any other department. However, in order to have watertight defences (or as close to that as possible), all staff need to be engaged in a data security culture.
With the lens of the media fixed firmly on Facebook these past few weeks, the public have never been more aware of their digital footprint and how it can be exploited.
Managing the fall out of a data breach is a team effort, making communication vital. Every employee with an email address can be targeted by increasingly sophisticated phishing scammers - making the protection of an organisation’s data the responsibility of everyone, not just the IT department.
WannaCry was the breach that catapulted cyber security into the headlines last year. The NHS, an organisation close to our hearts and an integral part of our country’s infrastructure, experienced a cyber attack that brought it to its knees. However, the most significant impact of the breach was on public confidence in UK institutions’ ability to defend themselves against hackers.